Puppet - Marionette Collective CVE

Filtered by vendor Puppet Subscribe

Filtered by product Marionette Collective

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-2788	1 Puppet	2 Marionette Collective, Puppet Enterprise	2022-01-24	7.5 HIGH	9.8 CRITICAL
MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command.
CVE-2014-0175	3 Debian, Puppet, Redhat	3 Debian Linux, Marionette Collective, Openshift	2019-12-18	7.5 HIGH	9.8 CRITICAL
mcollective has a default password set at install

Vulnerabilities (CVE)