{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:44:19.869","vulnerabilities":[{"cve":{"id":"CVE-2016-5716","sourceIdentifier":"security@puppet.com","published":"2017-08-09T14:29:00.200","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node."},{"lang":"es","value":"La consola en Puppet Enterprise en versiones 2015.x y 2016.x anteriores a la versión 2016.4.0 incluye lecturas de strings no seguros que podrían permitir que se ejecutase código de forma remota en el nodo de la consola."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-134"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D314EA4C-0CF5-49DD-AE91-A69D07BBE3FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.2.1:*:*:*:*:*:*:*","matchCriteriaId":"8B73DBBF-D30F-49FB-8564-7DB6E4EAC945"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.2.2:*:*:*:*:*:*:*","matchCriteriaId":"F8032AD3-4956-4432-B0E0-1CCAD521C370"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.2.3:*:*:*:*:*:*:*","matchCriteriaId":"ECBD22F5-AC67-473C-83BB-FEA7F3493CA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.3.0:*:*:*:*:*:*:*","matchCriteriaId":"364465AC-E8C6-4245-8F33-CD4EFDFA3D2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.3.1:*:*:*:*:*:*:*","matchCriteriaId":"D68D54F1-2031-4B56-A3D4-6654A8320B50"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.3.2:*:*:*:*:*:*:*","matchCriteriaId":"B18FA0E7-381A-4831-9E2A-DE94D5FCDA83"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2015.3.3:*:*:*:*:*:*:*","matchCriteriaId":"0C5CAE21-41D1-4AE6-BA93-3DB6DAE8A743"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2016.1.1:*:*:*:*:*:*:*","matchCriteriaId":"12807AD1-C455-421C-ABCB-A0CFF7C10DC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2016.1.2:*:*:*:*:*:*:*","matchCriteriaId":"F8566880-B247-47CA-BAE1-251A3DADDC04"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2016.2.0:*:*:*:*:*:*:*","matchCriteriaId":"F2896082-1228-4A6C-BE47-D1CB4916DBA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:puppet:puppet_enterprise:2016.2.1:*:*:*:*:*:*:*","matchCriteriaId":"9D4A193B-8FC2-4E73-9FD2-5A4FCD9A0291"}]}]}],"references":[{"url":"https://puppet.com/security/cve/pe-console-oct-2016","source":"security@puppet.com","tags":["Vendor Advisory"]},{"url":"https://puppet.com/security/cve/pe-console-oct-2016","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}