CVE-2024-9160 MEDIUM

CVE-2024-9160: Security Misconfiguration in Forge module PEADM

Vendor Puppet
Product PEADM Forge Module
Weakness CWE-295
Published September 27, 2024
Last update September 27, 2024

CVSS base score

5.4/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered.

Key dates

02Disclosure timeline

September 27, 2024 CVE published
September 27, 2024 Record updated