Vulnerabilites related to puppet - puppet_agent
Vulnerability from fkie_nvd
Published
2016-06-10 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://puppet.com/security/cve/CVE-2016-2786 | Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201606-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/CVE-2016-2786 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201606-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet_agent | 1.3.0 | |
| puppet | puppet_agent | 1.3.1 | |
| puppet | puppet_agent | 1.3.2 | |
| puppet | puppet_agent | 1.3.4 | |
| puppet | puppet_agent | 1.3.5 | |
| puppet | puppet_enterprise | 2015.3.0 | |
| puppet | puppet_enterprise | 2015.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB387B5-667B-4CA8-BAFC-465F2E4A9485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E61A7AF3-5B7E-44BA-BD59-6C392505748D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48949FBD-A81F-4CFB-806F-A845A41656E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C992FC14-21DB-4E3B-AA51-F15383A55C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "70BEDC55-CCDB-4B86-A4B1-07EA5603A59C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2015.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364465AC-E8C6-4245-8F33-CD4EFDFA3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2015.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B18FA0E7-381A-4831-9E2A-DE94D5FCDA83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate."
},
{
"lang": "es",
"value": "El componente pxp-agent en Puppet Enterprise 2015.3.x en versiones anteriores a 2015.3.3 y Puppet Agent 1.3.x en versiones anteriores a 1.3.6 no valida adecuadamente certificados de servidor, lo que podr\u00eda permitir a atacantes remotos espiar brokers y ejecutar comandos arbitrarios a trav\u00e9s de un certificado manipulado."
}
],
"id": "CVE-2016-2786",
"lastModified": "2024-11-21T02:48:48.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T15:59:01.343",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2016-2786"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2016-2786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-02"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-18 18:29
Modified
2024-11-21 02:54
Severity ?
Summary
Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability."
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.gentoo.org/597684 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://puppet.com/security/cve/cve-2016-5714 | Vendor Advisory | |
| cve@mitre.org | https://puppet.com/security/cve/pxp-agent-oct-2016 | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201710-12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/597684 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/cve-2016-5714 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/pxp-agent-oct-2016 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201710-12 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet_enterprise | 2015.3.3 | |
| puppet | puppet_enterprise | 2016.1.1 | |
| puppet | puppet_enterprise | 2016.1.2 | |
| puppet | puppet_enterprise | 2016.2.0 | |
| puppet | puppet_enterprise | 2016.2.1 | |
| puppet | puppet_agent | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2015.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5CAE21-41D1-4AE6-BA93-3DB6DAE8A743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2016.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12807AD1-C455-421C-ABCB-A0CFF7C10DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2016.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8566880-B247-47CA-BAE1-251A3DADDC04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2016.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2896082-1228-4A6C-BE47-D1CB4916DBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2016.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4A193B-8FC2-4E73-9FD2-5A4FCD9A0291",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D77E81E-0AE8-40BC-BF58-7C7A3C845AFE",
"versionEndIncluding": "1.7.0",
"versionStartIncluding": "1.3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka \"Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability.\""
},
{
"lang": "es",
"value": "Puppet Enterprise 2015.3.3 y 2016.x en versiones anteriores a la 2016.4.0 y Puppet Agent 1.3.6 hasta la versi\u00f3n 1.7.0 permite que atacantes remotos omitan un mecanismo de protecci\u00f3n de listas blancas de host y ejecutar c\u00f3digo arbitrario en nodos Puppet mediante vectores relacionados con la validaci\u00f3n de comandos. Esto tambi\u00e9n se conoce como \"Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability\"."
}
],
"id": "CVE-2016-5714",
"lastModified": "2024-11-21T02:54:52.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-18T18:29:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/597684"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-5714"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/pxp-agent-oct-2016"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/597684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-5714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/pxp-agent-oct-2016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-10 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet | 4.0.0 | |
| puppet | puppet | 4.0.0 | |
| puppet | puppet | 4.0.0 | |
| puppet | puppet | 4.0.0 | |
| puppet | puppet | 4.1.0 | |
| puppet | puppet | 4.2.0 | |
| puppet | puppet | 4.2.1 | |
| puppet | puppet | 4.2.2 | |
| puppet | puppet | 4.2.3 | |
| puppet | puppet | 4.3.0 | |
| puppet | puppet | 4.3.1 | |
| puppet | puppet | 4.3.2 | |
| puppet | puppet | 4.4.0 | |
| puppet | puppet | 4.4.1 | |
| puppet | puppet_server | 2.0.0 | |
| puppet | puppet_server | 2.1.0 | |
| puppet | puppet_server | 2.1.1 | |
| puppet | puppet_server | 2.1.2 | |
| puppet | puppet_server | 2.2.0 | |
| puppet | puppet_server | 2.3.0 | |
| puppet | puppet_server | 2.3.1 | |
| puppet | puppet_agent | 1.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A11509AE-D08C-46AE-8D47-20E74818CBE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA7AF7F2-94E6-4878-927B-C21631C98552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8FB7FA1B-B7F7-4969-80F9-6A915B513187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "122339DA-E6C1-4F7A-8D41-28C254F3F7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68A51928-A68D-4A73-B6D0-D5C1DDEC6458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E88DAC8-E363-424D-8DEF-4471A0B8BCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22C3FECF-C94E-4AE8-B461-BC3A3C31B723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B5CAF9-9CFF-4E16-94FA-3A30457F294F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C8611A-D412-4290-A549-63B927CE607E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE53A43-1311-4276-B6D3-A116EDD4596D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D88EB0D2-E1BE-4A96-BFE3-EC30F6F94DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "391B0EF3-C49C-4479-96BF-DAC83C4B7960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E02A-C633-4EF1-964F-D58D6B69FF57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE00E2D2-A880-4FAD-8514-68D92F45BB6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D00D8-6A01-4BE0-BD10-EDBBB716C0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEC046DE-8D52-475D-9FB8-833FCA324432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "508E4ED0-42DD-4886-BF38-E1B38A8A1535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B03168-8F2B-4E97-8CF6-ACCD6BD5E97A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC34CE8-8586-4763-AB70-8D6C7E64CF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D605861-8208-4051-8ABD-E6D6202BE243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F392771-D087-4B17-9CEA-E599ECC08C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D66C57AB-F8E2-4817-8912-1D7EB4EB63FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding."
},
{
"lang": "es",
"value": "Puppet Server en versiones anteriores a 2.3.2 y Ruby puppetmaster en Puppet 4.x en versiones anteriores a 4.4.2 y en Puppet Agent en versiones anteriores a 1.4.2 podr\u00eda permitir a atacantes remotos eludir las restricciones destinas al acceso auth.conf aprovechando una decodificaci\u00f3n URL incorrecta."
}
],
"id": "CVE-2016-2785",
"lastModified": "2024-11-21T02:48:48.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T15:59:00.140",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-2785"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-2785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-02"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:57
Severity ?
Summary
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet_agent | * | |
| puppet | puppet_agent | * | |
| puppet | puppet_enterprise | * | |
| puppet | puppet_enterprise | * | |
| puppet | puppet_server | * | |
| puppet | puppet_server | * | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11269DE9-2406-4EFE-ACFE-5C3FE16562C8",
"versionEndExcluding": "6.25.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD44AF4-043F-48E1-899B-CABD5B7411D3",
"versionEndExcluding": "7.12.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35844F76-3BBD-4C76-B24A-1B385AAE1AFC",
"versionEndExcluding": "2019.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C274DEBD-397E-44AA-9490-D5D23EE98053",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "756F7C8A-F4EB-49ED-9E7C-08A98BB16E8D",
"versionEndExcluding": "6.17.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "161B6DB2-FE34-484B-90BE-65D65F45C457",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007"
},
{
"lang": "es",
"value": "Se ha detectado un fallo en Puppet Agent y Puppet Server que puede resultar en un filtrado de credenciales HTTP cuando se siguen redirecciones HTTP a un host diferente. Esto es similar a CVE-2018-1000007"
}
],
"id": "CVE-2021-27023",
"lastModified": "2024-11-21T05:57:11.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:09.273",
"references": [
{
"source": "security@puppet.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
},
{
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2021-27023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2021-27023"
}
],
"sourceIdentifier": "security@puppet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-29 21:15
Modified
2024-11-21 02:26
Severity ?
Summary
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruby-lang | ruby | * | |
| ruby-lang | ruby | * | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | trunk | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| puppet | puppet_agent | 1.0.0 | |
| puppet | puppet_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5793852-ECE3-465A-B8A5-D506744191E9",
"versionEndExcluding": "2.1.6",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E69BA95-2D84-4E80-9617-3B2F2B02D9E9",
"versionEndExcluding": "2.2.2",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "45B882EE-85F9-42B0-85F3-0B6A9FF4BA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*",
"matchCriteriaId": "D2423B85-0971-42AC-8B64-819008BC5778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*",
"matchCriteriaId": "1C663278-3B2A-4B7C-959A-2AA804467F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*",
"matchCriteriaId": "B7927149-A76A-48BC-8405-7375FC7D7486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p353:*:*:*:*:*:*",
"matchCriteriaId": "3D627638-64AA-455B-9FEA-093D3773B9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p451:*:*:*:*:*:*",
"matchCriteriaId": "46485519-C2FB-4767-B699-9F51FDCF29E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p481:*:*:*:*:*:*",
"matchCriteriaId": "19CF27FB-DCF5-4533-B309-55615AE21A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p576:*:*:*:*:*:*",
"matchCriteriaId": "B9865DD1-F2AF-40B6-848A-EA9FD37034DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p594:*:*:*:*:*:*",
"matchCriteriaId": "C10BD21E-B9FA-4B57-B617-0108A00D6132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p598:*:*:*:*:*:*",
"matchCriteriaId": "3D5ABD47-64AC-4844-B78B-F0D3BC3B8F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:ruby:2.0.0:p643:*:*:*:*:*:*",
"matchCriteriaId": "4EF7FDAD-9CAF-452D-B229-EF7C390DE712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ruby-lang:trunk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A56FC0D-59AE-48DD-9DD8-3CC0E6DC0F80",
"versionEndExcluding": "50292",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB7E6DC-B6C3-452B-98F7-09D0CE0879E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82B0F981-35E1-4C9D-9D16-DDB0CA341FEF",
"versionEndExcluding": "3.8.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters."
},
{
"lang": "es",
"value": "La funci\u00f3n Verified_certificate_identity en la extensi\u00f3n OpenSSL en Ruby versiones anteriores a 2.0.0 patchlevel 645, versiones 2.1.x anteriores a 2.1.6 y versiones 2.2.x anteriores 2.2.2, no comprueba apropiadamente los nombres de host, lo que permite a atacantes remotos falsificar servidores por medio de vectores relacionados con (1) m\u00faltiples wildcards, (1) wildcards en nombres IDNA, (3) sensibilidad a may\u00fasculas y min\u00fasculas y (4) caracteres no ASCII."
}
],
"id": "CVE-2015-1855",
"lastModified": "2024-11-21T02:26:16.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-29T21:15:10.807",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3245"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3246"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3247"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.ruby-lang.org/issues/9644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://puppetlabs.com/security/cve/cve-2015-1855"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.ruby-lang.org/issues/9644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://puppetlabs.com/security/cve/cve-2015-1855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-06 15:29
Modified
2024-11-21 02:54
Severity ?
Summary
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@puppet.com | https://puppet.com/security/cve/cve-2016-5713 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/cve-2016-5713 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet_agent | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE84DE0-1FFF-43FE-AE90-59FCA9444C9F",
"versionEndExcluding": "1.6.0",
"versionStartIncluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0."
},
{
"lang": "es",
"value": "Las versiones de Puppet Agent anteriores a la 1.6.0 inclu\u00edan una versi\u00f3n del agente Puppet Execution Protocol (PXP) que pasaba variables del entorno a ejecuciones Puppet. Esto podr\u00eda permitir la carga de c\u00f3digo no autorizado. Este error fue introducido por primera vez en Puppet Agent 1.3.0."
}
],
"id": "CVE-2016-5713",
"lastModified": "2024-11-21T02:54:52.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-06T15:29:00.217",
"references": [
{
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-5713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2016-5713"
}
],
"sourceIdentifier": "security@puppet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-19 21:15
Modified
2024-11-21 05:38
Severity ?
Summary
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@puppet.com | https://puppet.com/security/cve/CVE-2020-7942/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/CVE-2020-7942/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet | * | |
| puppet | puppet | * | |
| puppet | puppet_agent | * | |
| puppet | puppet_agent | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1316D93-D540-4E07-97B9-0FD9DAC19D5E",
"versionEndExcluding": "5.5.19",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A32C5AF-A28C-464B-949D-570BD98D36C9",
"versionEndExcluding": "6.13.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09EAB60C-0BE2-4FCA-9867-2D6CA4F84F35",
"versionEndExcluding": "5.5.19",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C76E5E7E-185B-48E7-AC61-C7F97F1B46BC",
"versionEndExcluding": "6.13.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node\u0027s catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19"
},
{
"lang": "es",
"value": "Anteriormente, Puppet operaba en un modelo en el que un nodo con un certificado v\u00e1lido ten\u00eda derecho a toda la informaci\u00f3n del sistema y que un certificado comprometido permit\u00eda el acceso a todo en la infraestructura. Cuando el cat\u00e1logo de un nodo retrocede al nodo \"default\", el cat\u00e1logo puede ser recuperado para un nodo diferente mediante la modificaci\u00f3n de datos para una ejecuci\u00f3n de Puppet. Este problema puede ser mitigado al configurar \"strictly_hostname_checking = true\" en \"puppet.conf\" en su maestro de Puppet. Puppet versi\u00f3n 6.13.0 y versi\u00f3n 5.5.19 cambia el comportamiento predeterminado para el strict_hostname_checking de falso a verdadero. Se recomienda que los usuarios de Puppet Open Source y Puppet Enterprise que no est\u00e1n actualizando establezcan stric_nombre_host_checking en verdadero para garantizar un comportamiento seguro. Versiones de software afectadas: Puppet versi\u00f3n 6.x en versiones anteriores a la 6.13.0 Puppet Agent versi\u00f3n 6.x en versiones anteriores a la 6.13.0 Puppet versi\u00f3n 5.5.x en versiones anteriores a la 5.5.19 Puppet Agent versi\u00f3n 5.5.x en versiones anteriores a la 5.5.19 Resuelto en: Puppet versi\u00f3n 6.13.0 Puppet Agente versi\u00f3n 6.13.0 Puppet versi\u00f3n 5.5.19 Puppet Agent versi\u00f3n 5.5.19."
}
],
"id": "CVE-2020-7942",
"lastModified": "2024-11-21T05:38:03.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-19T21:15:11.747",
"references": [
{
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2020-7942/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2020-7942/"
}
],
"sourceIdentifier": "security@puppet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:57
Severity ?
Summary
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| puppet | puppet | * | |
| puppet | puppet_agent | * | |
| puppet | puppet_agent | * | |
| puppet | puppet_agent | * | |
| puppet | puppet_enterprise | * | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:puppet:puppet:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "24089512-FFBB-4139-886F-571238403529",
"versionEndExcluding": "2021.4.0",
"versionStartIncluding": "2021.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11269DE9-2406-4EFE-ACFE-5C3FE16562C8",
"versionEndExcluding": "6.25.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D926D2F2-E61A-4789-AD31-17EEFD30D1FD",
"versionEndIncluding": "5.5.22",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD44AF4-043F-48E1-899B-CABD5B7411D3",
"versionEndExcluding": "7.12.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35844F76-3BBD-4C76-B24A-1B385AAE1AFC",
"versionEndExcluding": "2019.8.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first \u0027pluginsync\u0027."
},
{
"lang": "es",
"value": "Se ha detectado un fallo en Puppet Agent donde el agente puede ignorar silenciosamente la configuraci\u00f3n de Augeas o puede ser vulnerable a una condici\u00f3n de denegaci\u00f3n de servicio antes del primer \"pluginsync\"."
}
],
"id": "CVE-2021-27025",
"lastModified": "2024-11-21T05:57:12.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:09.503",
"references": [
{
"source": "security@puppet.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
},
{
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2021-27025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://puppet.com/security/cve/cve-2021-27025"
}
],
"sourceIdentifier": "security@puppet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-5714
Vulnerability from cvelistv5
Published
2017-10-18 18:00
Modified
2024-08-06 01:07
Severity ?
EPSS score ?
Summary
Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability."
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/pxp-agent-oct-2016 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201710-12 | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.gentoo.org/597684 | x_refsource_MISC | |
| https://puppet.com/security/cve/cve-2016-5714 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:07:59.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/pxp-agent-oct-2016"
},
{
"name": "GLSA-201710-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-12"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gentoo.org/597684"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2016-5714"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka \"Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-08T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/pxp-agent-oct-2016"
},
{
"name": "GLSA-201710-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-12"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gentoo.org/597684"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/cve-2016-5714"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5714",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka \"Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/pxp-agent-oct-2016",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/pxp-agent-oct-2016"
},
{
"name": "GLSA-201710-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-12"
},
{
"name": "https://bugs.gentoo.org/597684",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/597684"
},
{
"name": "https://puppet.com/security/cve/cve-2016-5714",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2016-5714"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5714",
"datePublished": "2017-10-18T18:00:00",
"dateReserved": "2016-06-16T00:00:00",
"dateUpdated": "2024-08-06T01:07:59.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2785
Vulnerability from cvelistv5
Published
2016-06-10 15:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201606-02 | vendor-advisory, x_refsource_GENTOO | |
| https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2 | x_refsource_CONFIRM | |
| https://puppet.com/security/cve/cve-2016-2785 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:32:21.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2016-2785"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/cve-2016-2785"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201606-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-02"
},
{
"name": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2",
"refsource": "CONFIRM",
"url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"
},
{
"name": "https://puppet.com/security/cve/cve-2016-2785",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2016-2785"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2785",
"datePublished": "2016-06-10T15:00:00",
"dateReserved": "2016-02-29T00:00:00",
"dateUpdated": "2024-08-05T23:32:21.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2786
Vulnerability from cvelistv5
Published
2016-06-10 15:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/CVE-2016-2786 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201606-02 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:32:20.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/CVE-2016-2786"
},
{
"name": "GLSA-201606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/CVE-2016-2786"
},
{
"name": "GLSA-201606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/CVE-2016-2786",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/CVE-2016-2786"
},
{
"name": "GLSA-201606-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2786",
"datePublished": "2016-06-10T15:00:00",
"dateReserved": "2016-02-29T00:00:00",
"dateUpdated": "2024-08-05T23:32:20.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1855
Vulnerability from cvelistv5
Published
2019-11-29 20:46
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2015/dsa-3247 | x_refsource_MISC | |
| http://www.debian.org/security/2015/dsa-3245 | x_refsource_MISC | |
| http://www.debian.org/security/2015/dsa-3246 | x_refsource_MISC | |
| https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ | x_refsource_MISC | |
| https://puppetlabs.com/security/cve/cve-2015-1855 | x_refsource_MISC | |
| https://bugs.ruby-lang.org/issues/9644 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3247"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3245"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3246"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://puppetlabs.com/security/cve/cve-2015-1855"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.ruby-lang.org/issues/9644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ruby",
"vendor": "Ruby",
"versions": [
{
"status": "affected",
"version": "before 2.0.0 patchlevel 645"
},
{
"status": "affected",
"version": "2.1.x before 2.1.6"
},
{
"status": "affected",
"version": "and 2.2.x before 2.2.2"
}
]
}
],
"datePublic": "2015-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T20:46:48",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2015/dsa-3247"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2015/dsa-3245"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.debian.org/security/2015/dsa-3246"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://puppetlabs.com/security/cve/cve-2015-1855"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.ruby-lang.org/issues/9644"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ruby",
"version": {
"version_data": [
{
"version_value": "before 2.0.0 patchlevel 645"
},
{
"version_value": "2.1.x before 2.1.6"
},
{
"version_value": "and 2.2.x before 2.2.2"
}
]
}
}
]
},
"vendor_name": "Ruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.debian.org/security/2015/dsa-3247",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3247"
},
{
"name": "http://www.debian.org/security/2015/dsa-3245",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3245"
},
{
"name": "http://www.debian.org/security/2015/dsa-3246",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3246"
},
{
"name": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/",
"refsource": "MISC",
"url": "https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/"
},
{
"name": "https://puppetlabs.com/security/cve/cve-2015-1855",
"refsource": "MISC",
"url": "https://puppetlabs.com/security/cve/cve-2015-1855"
},
{
"name": "https://bugs.ruby-lang.org/issues/9644",
"refsource": "MISC",
"url": "https://bugs.ruby-lang.org/issues/9644"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1855",
"datePublished": "2019-11-29T20:46:48",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5713
Vulnerability from cvelistv5
Published
2017-12-06 15:00
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/cve-2016-5713 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Puppet | Puppet Agent |
Version: Introduced in 1.3.0, fixed in 1.6.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:07:59.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2016-5713"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Puppet Agent",
"vendor": "Puppet",
"versions": [
{
"status": "affected",
"version": "Introduced in 1.3.0, fixed in 1.6.0"
}
]
}
],
"datePublic": "2016-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-06T14:57:02",
"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"shortName": "puppet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/cve-2016-5713"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"DATE_PUBLIC": "2016-08-11T00:00:00",
"ID": "CVE-2016-5713",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet Agent",
"version": {
"version_data": [
{
"version_value": "Introduced in 1.3.0, fixed in 1.6.0"
}
]
}
}
]
},
"vendor_name": "Puppet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2016-5713",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2016-5713"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"assignerShortName": "puppet",
"cveId": "CVE-2016-5713",
"datePublished": "2017-12-06T15:00:00Z",
"dateReserved": "2016-06-16T00:00:00",
"dateUpdated": "2024-09-17T00:06:12.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-27023
Vulnerability from cvelistv5
Published
2021-11-18 14:33
Modified
2024-08-03 20:40
Severity ?
EPSS score ?
Summary
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/CVE-2021-27023 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Puppet Enterprise, Puppet Server, Puppet Agent |
Version: Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4, Puppet Server prior to 6.17.1, Puppet Server prior to 7.4.2, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://puppet.com/security/cve/CVE-2021-27023"
},
{
"name": "FEDORA-2021-1c0e788093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Puppet Enterprise, Puppet Server, Puppet Agent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4, Puppet Server prior to 6.17.1, Puppet Server prior to 7.4.2, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unsafe HTTP Redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-28T02:06:16",
"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"shortName": "puppet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://puppet.com/security/cve/CVE-2021-27023"
},
{
"name": "FEDORA-2021-1c0e788093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"ID": "CVE-2021-27023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet Enterprise, Puppet Server, Puppet Agent",
"version": {
"version_data": [
{
"version_value": "Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4, Puppet Server prior to 6.17.1, Puppet Server prior to 7.4.2, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsafe HTTP Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/CVE-2021-27023",
"refsource": "MISC",
"url": "https://puppet.com/security/cve/CVE-2021-27023"
},
{
"name": "FEDORA-2021-1c0e788093",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"assignerShortName": "puppet",
"cveId": "CVE-2021-27023",
"datePublished": "2021-11-18T14:33:18",
"dateReserved": "2021-02-09T00:00:00",
"dateUpdated": "2024-08-03T20:40:47.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-27025
Vulnerability from cvelistv5
Published
2021-11-18 14:30
Modified
2024-08-03 20:40
Severity ?
EPSS score ?
Summary
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/cve-2021-27025 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Puppet Enterprise, Puppet Agent |
Version: - Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4.0, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1, Puppet Agent 5.5.x |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2021-27025"
},
{
"name": "FEDORA-2021-1c0e788093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Puppet Enterprise, Puppet Agent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "- Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4.0, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1, Puppet Agent 5.5.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first \u0027pluginsync\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Silent Configuration Failure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-28T02:06:18",
"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"shortName": "puppet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://puppet.com/security/cve/cve-2021-27025"
},
{
"name": "FEDORA-2021-1c0e788093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"ID": "CVE-2021-27025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet Enterprise, Puppet Agent",
"version": {
"version_data": [
{
"version_value": "- Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4.0, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1, Puppet Agent 5.5.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first \u0027pluginsync\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Silent Configuration Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2021-27025",
"refsource": "MISC",
"url": "https://puppet.com/security/cve/cve-2021-27025"
},
{
"name": "FEDORA-2021-1c0e788093",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"assignerShortName": "puppet",
"cveId": "CVE-2021-27025",
"datePublished": "2021-11-18T14:30:36",
"dateReserved": "2021-02-09T00:00:00",
"dateUpdated": "2024-08-03T20:40:47.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7942
Vulnerability from cvelistv5
Published
2020-02-19 20:52
Modified
2024-08-04 09:48
Severity ?
EPSS score ?
Summary
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19
References
| ▼ | URL | Tags |
|---|---|---|
| https://puppet.com/security/cve/CVE-2020-7942/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Puppet | Puppet |
Version: 5.5.x prior to 5.5.19 Version: Fixed in 5.5.19 Version: 6.x prior to 6.13.0 Version: Fixed in 6.13.0 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:24.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/CVE-2020-7942/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Puppet",
"vendor": "Puppet",
"versions": [
{
"status": "affected",
"version": "5.5.x prior to 5.5.19"
},
{
"status": "affected",
"version": "Fixed in 5.5.19"
},
{
"status": "affected",
"version": "6.x prior to 6.13.0"
},
{
"status": "affected",
"version": "Fixed in 6.13.0"
}
]
},
{
"product": "Puppet Agent",
"vendor": "Puppet",
"versions": [
{
"status": "affected",
"version": "5.5.x prior to 5.5.19"
},
{
"status": "affected",
"version": "Fixed in 5.5.19"
},
{
"status": "affected",
"version": "6.x prior to 6.13.0"
},
{
"status": "affected",
"version": "Fixed in 6.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node\u0027s catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary retrieval",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-02T19:00:07",
"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"shortName": "puppet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/CVE-2020-7942/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"ID": "CVE-2020-7942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet",
"version": {
"version_data": [
{
"version_value": "5.5.x prior to 5.5.19"
},
{
"version_value": "Fixed in 5.5.19"
},
{
"version_value": "6.x prior to 6.13.0"
},
{
"version_value": "Fixed in 6.13.0"
}
]
}
},
{
"product_name": "Puppet Agent",
"version": {
"version_data": [
{
"version_value": "5.5.x prior to 5.5.19"
},
{
"version_value": "Fixed in 5.5.19"
},
{
"version_value": "6.x prior to 6.13.0"
},
{
"version_value": "Fixed in 6.13.0"
}
]
}
}
]
},
"vendor_name": "Puppet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node\u0027s catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary retrieval"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/CVE-2020-7942/",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/CVE-2020-7942/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"assignerShortName": "puppet",
"cveId": "CVE-2020-7942",
"datePublished": "2020-02-19T20:52:03",
"dateReserved": "2020-01-23T00:00:00",
"dateUpdated": "2024-08-04T09:48:24.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}