CVE-2011-3872 & Puppet | puppet by Perforce

CVE-2022-3276 - Puppetlabs-mysql Command Injection

Posted 2022-10-03
Assessed Risk Level: High
CVSS 3.1 Base Score: 8.4

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.

Status

Affected software versions:

Puppetlabs-mysql Module <13.0.0

Resolved in:

Puppetlabs-mysql Module 13.0.0

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

CVE-2022-3276 - Puppetlabs-mysql Command Injection

Posted 2022-10-03

Assessed Risk Level: High

CVSS 3.1 Base Score: 8.4

Status

Get Started

Puppet

Premium Features

CVE-2022-3276 - Puppetlabs-mysql Command Injection

Posted 2022-10-03

Assessed Risk Level: High

CVSS 3.1 Base Score: 8.4

Status