Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PE client tools for Windows 安全漏洞
Vulnerability Description
Puppet是美国Puppet实验室的一套基于客户端/服务器(C/S)架构的配置管理工具,它可用于管理配置文件、用户、cron任务、软件包、系统服务等。Puppet Enterprise是一个企业版。PE client tools for Windows是其中的一款基于Windows平台的用于控制、管理Puppet Enterprise的命令行工具。 基于Windows平台的PE client tools 16.4.6之前的16.4.x版本、17.3.6之前的17.3.x版本和18.1.2之前的18.1.
CVSS Information
N/A
Vulnerability Type
N/A