NVD

Id
40440  
Name
CVE-2013-4956  
Description
Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.  
Reject
 
CVSS Version
2  
CVSS Score
3.6  
Severity
Low  
CVSS Base Score
3.6  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-08-20  
Modified Date
2013-10-07  
Seq
2013-4956  

Actions