CVE-2016-5715 - Arbitrary URL Redirection in Puppet Enterprise Console

CVSS 3 Base Score:
4.2

Posted On:
October 20, 2016

Assessed Risk Level:
Medium

The Puppet Enterprise Console does not properly validate the string parameter used to set the URL target for the next page transition. This can be leveraged to create believable phishing attacks and potentially harvest the victim's console credentials. This was thought to be resolved with the fix for CVE-2015-6501, but the fix was incomplete. Puppet Enterprise 2016.4.0 includes a fix for this vulnerability.

Thanks to John Page aka hyp3rlinx for responsibly disclosing this issue to us. This issue was also independently reported by NCC Group.

Status:

Affected software versions:

Puppet Enterprise 2015.x
Puppet Enterprise 2016.x prior to 2016.4.0

Resolved in:

Puppet Enterprise 2016.4.0

← Back to CVE Listings

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

CVE-2016-5715 - Arbitrary URL Redirection in Puppet Enterprise Console

CVSS 3 Base Score:
4.2

Posted On:
October 20, 2016

Assessed Risk Level:
Medium

Status:

Get Started

Puppet

Premium Features

CVE-2016-5715 - Arbitrary URL Redirection in Puppet Enterprise Console

CVSS 3 Base Score: 4.2

Posted On: October 20, 2016

Assessed Risk Level: Medium

Status:

CVSS 3 Base Score:
4.2

Posted On:
October 20, 2016

Assessed Risk Level:
Medium