CVE-2013-2275 Information

Description

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18 2.7.x before 2.7.21 and 3.1.x before 3.1.1 and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html http://rhn.redhat.com/errata/RHSA-2013-0710.html http://secunia.com/advisories/52596 http://ubuntu.com/usn/usn-1759-1 http://www.debian.org/security/2013/dsa-2643 http://www.securityfocus.com/bid/58449 https://puppetlabs.com/security/cve/cve-2013-2275/