Security Advisory

CVE-2012-3864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-06 16:00:00

Last updated 2024-08-06 20:21:04

Assigner mitre

State PUBLISHED

Description

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary users certificate and private key in a GET request.

← Browse all CVEs View on cve.org ↗