CVE-2015-7328 (retired)

Priority
Description
Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x
before 2015.2.3 uses world-readable permissions for the private key of the
Certification Authority (CA) certificate during the initial installation
and configuration, which might allow local users to obtain sensitive
information via unspecified vectors.
Notes
sbeattiePuppet Enterprise only
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-10-09 07:53:50 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)