CVE-2021-44228 - log4j | Puppet by Perforce

CVSS 3 Base Score:
9.8

Posted On:
December 10, 2021

Assessed Risk Level:
High

Continuous Delivery for Puppet Enterprise (CD4PE) and Puppet Comply were found vulnerable to CVE-2021-44228. CD4PE was vulnerable to Remote Code Execution (RCE) and Comply was found potentially vulnerable to privilege escalation.

https://nvd.nist.gov/vuln/detail/CVE-2021-44228
https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce

Status:

Affected software versions:

CD4PE 3.x
CD4PE prior to 4.10.3
Comply prior to 2.2.1

Resolved in:

CD4PE 4.10.3
Comply 2.2.1

← Back to CVE Listings

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

A Brief Intro to Puppet for (Very) Busy People

Enforcing Better Zero Trust Security with Puppet Enterprise

CVE-2021-44228 - log4j

CVSS 3 Base Score:
9.8

Posted On:
December 10, 2021

Assessed Risk Level:
High

Status:

Get Started

Puppet

Premium Features

CVE-2021-44228 - log4j

CVSS 3 Base Score: 9.8

Posted On: December 10, 2021

Assessed Risk Level: High

Status:

CVSS 3 Base Score:
9.8

Posted On:
December 10, 2021

Assessed Risk Level:
High