Vulnerability in Perforce Puppet Enterprise
CVE-2025-10360
In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user…
EPSS: 0.002 (7.4th percentile) — read the EPSS interpretation.
Affected products
- Perforce Puppet Enterprise — versions 2025.4