CVE-2022-0675: Puppet Firewall Module May Leave Unmanaged Rules
First published: Wed Mar 02 2022(Updated: )
In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state.
Credit: security@puppet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Puppet Firewall | <3.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-0675?
CVE-2022-0675 is a vulnerability that allows unmanaged rules to exist on a system, potentially leaving it in an unsafe state.
What is the severity of CVE-2022-0675?
CVE-2022-0675 has a severity rating of 9.8 out of 10, indicating a critical vulnerability.
Which software is affected by CVE-2022-0675?
The Puppet Firewall software up to version 3.4.0 is affected by CVE-2022-0675.
How can I fix CVE-2022-0675?
To fix CVE-2022-0675, it is recommended to update Puppet Firewall to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2022-0675?
More information about CVE-2022-0675 can be found at the following link: [https://puppet.com/security/cve/CVE-2022-0675](https://puppet.com/security/cve/CVE-2022-0675)
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/puppet
- canonical/puppet firewall