{"id":"CVE-2011-0528","details":"Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.","aliases":["GHSA-9pvx-fwwh-w289"],"modified":"2026-01-27T04:10:38.730668Z","published":"2014-02-17T16:55:04Z","withdrawn":"2026-01-27T04:10:38.730668Z","references":[{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1365-1"},{"type":"WEB","url":"http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2011/01/27/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2011/01/31/5"}],"schema_version":"1.7.3"}