Headline
CVE-2021-27025: CVE-2021-27025 - Silent Configuration Failure | Puppet
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync’.
- Posted November 9, 2021
- Assessed Risk Level: Medium
- CVSS 3.1 Base Score: 6.3
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first pluginsync.
Status:
Affected software versions:
- Puppet Enterprise prior to 2019.8.9
- Puppet Enterprise prior to 2021.4.0
- Puppet Agent prior to 6.25.1
- Puppet Agent prior to 7.12.1
- Puppet Agent 5.5.x
Resolved in:
- Puppet Enterprise 2019.8.9
- Puppet Enterprise 2021.4.0
- Puppet Agent 6.25.1
- Puppet Agent 7.12.1