Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7170

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2014-7170
Last Modified 18 Dec 2014 10:59:26
Published 17 Dec 2014 02:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-7170

Summary

Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

Vulnerable Systems

Application

  • Puppetlabs Puppet Server 0.2.0


References

CONFIRM - http://puppetlabs.com/security/cve/cve-2014-7170


Last Updated: 27 May 2016 11:07:18