← Back to CVEs
CVE-2015-7328
N/ADescription
Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the initial installation and configuration, which might allow local users to obtain sensitive information via unspecified vectors.
CVE Details
CVSS v3.1 ScoreN/A
Published1/8/2016
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0
Affected Products
puppet:puppet_enterprise
Weaknesses (CWE)
CWE-200
References
https://puppetlabs.com/security/cve/cve-2015-7328(cve@mitre.org)
https://puppetlabs.com/security/cve/cve-2015-7328(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.