1
Candidate: CVE-2015-7328
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7328
5
https://puppetlabs.com/security/cve/cve-2015-7328
7
Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x
8
before 2015.2.3 uses world-readable permissions for the private key of the
9
Certification Authority (CA) certificate during the initial installation
10
and configuration, which might allow local users to obtain sensitive
11
information via unspecified vectors.
14
sbeattie> Puppet Enterprise only
21
upstream_puppet: needs-triage
22
precise_puppet: not-affected
23
trusty_puppet: not-affected
24
vivid_puppet: not-affected
25
wily_puppet: not-affected
26
devel_puppet: not-affected