CVSS 3 Base Score: 8.8Posted On: June 7, 2018Assessed Risk Level: HighOn Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation.Status:Affected software versions:Puppet Agent 1.10.x prior to 1.10.13Puppet Agent 5.3.x prior to 5.3.7Puppet Agent 5.5.x prior to 5.5.2Resolved in:Puppet Agent 1.10.13Puppet Agent 5.3.7Puppet Agent 5.5.2← Back to CVE Listings