VYPR
High severity7.8NVD Advisory· Published Jun 14, 2018· Updated Jun 17, 2026

CVE-2018-6516

CVE-2018-6516

Description

On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation.

Affected products

2
  • prior to 16.4.6, 17.3.6, 18.1.2+ 1 more
    • (no CPE)range: prior to 16.4.6, 17.3.6, 18.1.2
    • (no CPE)range: 16.4.x prior to 16.4.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.