U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2014-3248

Change History

Initial CVE Analysis 11/17/2014 1:42:26 PM

Action Type Old Value New Value
Added CVSS V2

								
							
							
						
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Added CWE

								
							
							
						
CWE-17
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:puppetlabs:facter:1.6.18:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:puppetlabs:facter:2.0.1:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:puppetlabs:marionette-collective:2.5.1:*:*:*:*:*:*:* (and previous)
Configuration 3
     OR
          *cpe:2.3:a:puppetlabs:hiera:1.3.3:*:*:*:*:*:*:* (and previous)
Configuration 4
     OR
          *cpe:2.3:a:puppetlabs:puppet:2.8.6:*:*:*:enterprise:*:*:* (and previous)
          *cpe:2.3:a:puppetlabs:puppet:2.7.26:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:puppetlabs:puppet:3.6.1:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://puppetlabs.com/security/cve/cve-2014-3248 No Types Assigned
http://puppetlabs.com/security/cve/cve-2014-3248 Advisory
Changed Reference Type
http://rowediness.com/2014/06/13/cve-2014-3248-a-little-problem-with-puppet/ No Types Assigned
http://rowediness.com/2014/06/13/cve-2014-3248-a-little-problem-with-puppet/ Exploit