CVE-2021-27025

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Puppet Agent (affected versions not specified)

Description A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. The issue is related to errors in resource management. Exploitation of the flaw may allow a remote attacker to cause a Denial of Service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2024-10807

CVE-2021-27025

GHSA-Q4G7-JRXV-67R9

RHSA-2022:1708

RHSA-2022:4866

RHSA-2022:4867

RHSA-2022:8846

RHSA-2022:8862

Affected Products

Debian

Puppet Agent

Red Os

CVE-2021-27025

Weakness Enumeration

Related Identifiers

Affected Products

References · 20