Lucene search
HistoryFeb 03, 2015 - 4:59 p.m.
CVE-2014-9568
nvd
cve-2014-9568
puppetlabs-rabbitmq
erlang cookie
node facts
local users
sensitive information
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.
Affected configurations
Node
voxpupulirabbitmqMatch3.0.0puppet
ORvoxpupulirabbitmqMatch3.1.0puppet
ORvoxpupulirabbitmqMatch4.0.0puppet
Related
osv
osv
puppetlabs-rabbitmq allows local users to obtain sensitive information
2022-05-14 00:56:46
prion
prion
Design/Logic Flaw
2015-02-03 16:59:00
nvd
nvd
CVE-2014-9568
2015-02-03 16:59:07
github
github
puppetlabs-rabbitmq allows local users to obtain sensitive information
2022-05-14 00:56:46
cvelist
cvelist
CVE-2014-9568
2015-02-03 16:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-9568