CVE-2016-2786

CVE-2016-2786

The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate.

Source: CVE-2016-2786

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다