cnvd - cnvd-2018-04708

CNVD-2018-04708

Vulnerability from cnvd - Published: 2018-03-09

Title

Puppet Enterprise不正确凭证管理漏洞

Description

Puppet是美国Puppet实验室的一套基于客户端/服务器（C/S）架构的配置管理工具，它可用于管理配置文件、用户、cron任务、软件包、系统服务等。Puppet Enterprise是一个企业版。 Puppet Enterprise 2016.4.5之前的版本和2017.2.1之前的版本中存在安全漏洞。该漏洞产生的原因是Puppet Enterprise在返回带标签的RBAC访问令牌之前未能能正确认证用户。目前没有详细的漏洞细节提供。

Severity

中

Patch Name

Puppet Enterprise不正确凭证管理漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://puppet.com/security/cve/cve-2017-2297

Reference

https://puppet.com/security/cve/cve-2017-2297

Impacted products

Name
['Puppet Labs Puppet Enterprise <2016.4.5', 'Puppet Labs Puppet Enterprise <2017.2.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2297"
    }
  },
  "description": "Puppet\u662f\u7f8e\u56fdPuppet\u5b9e\u9a8c\u5ba4\u7684\u4e00\u5957\u57fa\u4e8e\u5ba2\u6237\u7aef/\u670d\u52a1\u5668\uff08C/S\uff09\u67b6\u6784\u7684\u914d\u7f6e\u7ba1\u7406\u5de5\u5177\uff0c\u5b83\u53ef\u7528\u4e8e\u7ba1\u7406\u914d\u7f6e\u6587\u4ef6\u3001\u7528\u6237\u3001cron\u4efb\u52a1\u3001\u8f6f\u4ef6\u5305\u3001\u7cfb\u7edf\u670d\u52a1\u7b49\u3002Puppet Enterprise\u662f\u4e00\u4e2a\u4f01\u4e1a\u7248\u3002\r\n\r\nPuppet Enterprise 2016.4.5\u4e4b\u524d\u7684\u7248\u672c\u548c2017.2.1\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662fPuppet Enterprise\u5728\u8fd4\u56de\u5e26\u6807\u7b7e\u7684RBAC\u8bbf\u95ee\u4ee4\u724c\u4e4b\u524d\u672a\u80fd\u80fd\u6b63\u786e\u8ba4\u8bc1\u7528\u6237\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "discovererName": "Puppet Labs",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://puppet.com/security/cve/cve-2017-2297",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04708",
  "openTime": "2018-03-09",
  "patchDescription": "Puppet\u662f\u7f8e\u56fdPuppet\u5b9e\u9a8c\u5ba4\u7684\u4e00\u5957\u57fa\u4e8e\u5ba2\u6237\u7aef/\u670d\u52a1\u5668\uff08C/S\uff09\u67b6\u6784\u7684\u914d\u7f6e\u7ba1\u7406\u5de5\u5177\uff0c\u5b83\u53ef\u7528\u4e8e\u7ba1\u7406\u914d\u7f6e\u6587\u4ef6\u3001\u7528\u6237\u3001cron\u4efb\u52a1\u3001\u8f6f\u4ef6\u5305\u3001\u7cfb\u7edf\u670d\u52a1\u7b49\u3002Puppet Enterprise\u662f\u4e00\u4e2a\u4f01\u4e1a\u7248\u3002\r\n\r\nPuppet Enterprise 2016.4.5\u4e4b\u524d\u7684\u7248\u672c\u548c2017.2.1\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662fPuppet Enterprise\u5728\u8fd4\u56de\u5e26\u6807\u7b7e\u7684RBAC\u8bbf\u95ee\u4ee4\u724c\u4e4b\u524d\u672a\u80fd\u80fd\u6b63\u786e\u8ba4\u8bc1\u7528\u6237\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Puppet Enterprise\u4e0d\u6b63\u786e\u51ed\u8bc1\u7ba1\u7406\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Puppet Labs Puppet Enterprise \u003c2016.4.5",
      "Puppet Labs Puppet Enterprise \u003c2017.2.1"
    ]
  },
  "referenceLink": "https://puppet.com/security/cve/cve-2017-2297",
  "serverity": "\u4e2d",
  "submitTime": "2018-02-02",
  "title": "Puppet Enterprise\u4e0d\u6b63\u786e\u51ed\u8bc1\u7ba1\u7406\u6f0f\u6d1e"
}

CVE-2017-2297 (GCVE-0-2017-2297)

Vulnerability from cvelistv5 – Published: 2018-02-01 22:00 – Updated: 2024-09-17 00:56

Summary

Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default for tokens.

Severity ?

No CVSS data available.

CWE

Authentication Bypass

Assigner

puppet

References

URL

Tags

https://puppet.com/security/cve/cve-2017-2297

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Puppet	Puppet Enterprise	Affected: 2016.4.x prior to 2016.4.5, 2016.5.x, 2017.1.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:48:05.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://puppet.com/security/cve/cve-2017-2297"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Puppet Enterprise",
          "vendor": "Puppet",
          "versions": [
            {
              "status": "affected",
              "version": "2016.4.x prior to 2016.4.5, 2016.5.x, 2017.1.x"
            }
          ]
        }
      ],
      "datePublic": "2018-02-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default for tokens."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-01T21:57:01",
        "orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
        "shortName": "puppet"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://puppet.com/security/cve/cve-2017-2297"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@puppet.com",
          "DATE_PUBLIC": "2018-02-01T00:00:00",
          "ID": "CVE-2017-2297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Puppet Enterprise",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2016.4.x prior to 2016.4.5, 2016.5.x, 2017.1.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Puppet"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default for tokens."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://puppet.com/security/cve/cve-2017-2297",
              "refsource": "CONFIRM",
              "url": "https://puppet.com/security/cve/cve-2017-2297"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
    "assignerShortName": "puppet",
    "cveId": "CVE-2017-2297",
    "datePublished": "2018-02-01T22:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-17T00:56:12.336Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-04708

CVE-2017-2297 (GCVE-0-2017-2297)

Tags

Sightings

Nomenclature