A bug in Puppet allows authenticated clients to read arbitrary files from the puppet master.
Given a valid certificate and private key, it is possible to construct an HTTP GET request that will return the contents of an arbitrary file on the Puppet master. These requests can retrieve any file that the puppet master has read-access to.
- Resolved in Puppet 2.6.17 (source), 2.7.18 (source), rpm, deb, dmg, windows
- Resolved in Puppet Enterprise 1.2.5 and 2.5.2
- Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x