CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-5716

The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2016-5716

Puppet » Puppet Enterprise » Version: 2015.2.0

cpe:2.3:a:puppet:puppet_enterprise:2015.2.0
Puppet » Puppet Enterprise » Version: 2015.2.1

cpe:2.3:a:puppet:puppet_enterprise:2015.2.1
Puppet » Puppet Enterprise » Version: 2015.2.2

cpe:2.3:a:puppet:puppet_enterprise:2015.2.2
Puppet » Puppet Enterprise » Version: 2015.2.3

cpe:2.3:a:puppet:puppet_enterprise:2015.2.3
Puppet » Puppet Enterprise » Version: 2015.3.0

cpe:2.3:a:puppet:puppet_enterprise:2015.3.0
Puppet » Puppet Enterprise » Version: 2015.3.1

cpe:2.3:a:puppet:puppet_enterprise:2015.3.1
Puppet » Puppet Enterprise » Version: 2015.3.2

cpe:2.3:a:puppet:puppet_enterprise:2015.3.2
Puppet » Puppet Enterprise » Version: 2015.3.3

cpe:2.3:a:puppet:puppet_enterprise:2015.3.3
Puppet » Puppet Enterprise » Version: 2016.1.1

cpe:2.3:a:puppet:puppet_enterprise:2016.1.1
Puppet » Puppet Enterprise » Version: 2016.1.2

cpe:2.3:a:puppet:puppet_enterprise:2016.1.2
Puppet » Puppet Enterprise » Version: 2016.2.0

cpe:2.3:a:puppet:puppet_enterprise:2016.2.0
Puppet » Puppet Enterprise » Version: 2016.2.1

cpe:2.3:a:puppet:puppet_enterprise:2016.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-5716

Products

Pricing

Contact Us