Get Puppet Enterprise First 10 nodes are free!
Try it now
Request a demo
Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Puppet Comply Find and prevent compliance failures
Compliance EnforcementRemediate to stay in compliance
Continuous Delivery for Puppet Enterprise Build, test, and deploy infrastructure as code faster and easier
Content & Modules Pre-built scripts to automate common tasks
CentOS EOL Here’s how to secure your CentOS infrastructure – even after EOL.
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source PuppetPerfect for individuals and small infrastructure
BoltAutomate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
Type: Local Privilege Escalation
Previously, puppet resource in --edit mode used an extremely predictable file name, which would persist on human timescales, could be known well ahead of creation, and would be run as the invoking user upon completion of the operation.
This could be exploited to trick the invoking user into editing an arbitrary target file, or running arbitrary Puppet code. As puppet resource is not very effective when not run as root, the potential effect of an attack was quite high.
Resolved in Puppet 2.6.11 and 2.7.5