CVE-2013-2275
EUVD-2013-222120.03.2013, 16:55
The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| puppet | puppet | 2.6.0 |
| puppet | puppet | 2.6.1 |
| puppet | puppet | 2.6.2 |
| puppet | puppet | 2.6.3 |
| puppet | puppet | 2.6.4 |
| puppet | puppet | 2.6.5 |
| puppet | puppet | 2.6.6 |
| puppet | puppet | 2.6.7 |
| puppet | puppet | 2.6.8 |
| puppet | puppet | 2.6.9 |
| puppet | puppet | 2.6.10 |
| puppet | puppet | 2.6.11 |
| puppet | puppet | 2.6.12 |
| puppet | puppet | 2.6.13 |
| puppet | puppet | 2.6.14 |
| puppet | puppet | 2.6.15 |
| puppet | puppet | 2.6.16 |
| puppetlabs | puppet | 𝑥 ≤ 2.6.17 |
| puppet | puppet | 2.7.2 |
| puppet | puppet | 2.7.3 |
| puppet | puppet | 2.7.4 |
| puppet | puppet | 2.7.5 |
| puppet | puppet | 2.7.6 |
| puppet | puppet | 2.7.7 |
| puppet | puppet | 2.7.8 |
| puppet | puppet | 2.7.9 |
| puppet | puppet | 2.7.10 |
| puppet | puppet | 2.7.11 |
| puppet | puppet | 2.7.12 |
| puppet | puppet | 2.7.13 |
| puppet | puppet | 2.7.14 |
| puppet | puppet | 2.7.16 |
| puppet | puppet | 2.7.17 |
| puppet | puppet | 2.7.18 |
| puppetlabs | puppet | 2.7.0 |
| puppetlabs | puppet | 2.7.1 |
| puppetlabs | puppet | 2.7.19 |
| puppetlabs | puppet | 2.7.20 |
| puppetlabs | puppet | 2.7.20:rc1 |
| puppet | puppet_enterprise | 3.1.0 |
| puppetlabs | puppet | 𝑥 ≤ 1.2.6 |
| puppet | puppet_enterprise | 2.7.0 |
| puppet | puppet_enterprise | 2.7.1 |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 12.10 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References