MEDIUM
Puppetlabs
CVE published 2017-01-30
CVE-2015-7331
CVE-2015-7331 is a medium-severity vulnerability in the mcollective-puppet-agent plugin for Puppet. NVD describes that versions before 1.11.1 allow remote attackers to execute arbitrary code through vectors involving the --server argument. For defenders, the key takeaway is straightforward: if you use this plugin, confirm you are on 1.11.1 or later and review any workflows that rely on server selection or [truncated]