Vulnerability in Puppet Enterprise

CVE-2023-2530

A privilege escalation allowing remote code execution was discovered in the orchestration service.

EPSS: 0.078 (92.1th percentile) — read the EPSS interpretation.

Affected products

Puppet Enterprise — versions 2021.7.0, 2023.0.0

References

www.puppet.com/security/cve/cve-2023-2530-remote-code-execution-orchestrator