CVE-2014-9355 Information

Description

Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.

Reference

http://puppetlabs.com/security/cve/cve-2014-9355 http://secunia.com/advisories/61265