CVE-2012-3864 (retired)

Priority
Description
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before
2.5.2, allows remote authenticated users to read arbitrary files on the
puppet master server by leveraging an arbitrary user's certificate and
private key in a GET request.
Assigned-to
mdeslaur
Package
Upstream:released (2.6.17,2.7.18)
Ubuntu 12.04 ESM (Precise Pangolin):released (2.7.11-1ubuntu3)
More Information

Updated: 2019-03-26 12:03:28 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)