Overview

CVE-2014-3249 (Information leakage)

  • Posted June 10, 2014

  • Assessed Risk Level: Low

Unauthenticated users could hide and unhide nodes in the Console and get a list of facts for a node.

CVSSv2 Score: 3.9

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C

Status:

Affected Software Versions:

  • Puppet Enterprise 2.8 (all)

Resolved in:

  • Puppet Enterprise 2.8.7