CVSS 3 Base Score:
6.3

Posted On:

Assessed Risk Level:
Medium

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first pluginsync.

Status:

Affected software versions:
  • Puppet Enterprise prior to 2019.8.9
  • Puppet Enterprise prior to 2021.4.0
  • Puppet Agent prior to 6.25.1
  • Puppet Agent prior to 7.12.1
  • Puppet Agent 5.5.x
Resolved in:
  • Puppet Enterprise 2019.8.9
  • Puppet Enterprise 2021.4.0
  • Puppet Agent 6.25.1
  • Puppet Agent 7.12.1