Lucene search

GitHub Advisory DatabaseGHSA-6XXQ-J39W-G3F6

HistoryMay 14, 2022 - 12:56 a.m.

Puppet Arbitrary Command Execution

2022-05-1400:56:45

CWE-77

CWE-78

GitHub Advisory Database

github.com

puppet

command execution

arbitrary

versions 2.6.x

2.7.x

puppet enterprise

remote users

ssl keys

file creation

filebucket request.

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.

Affected configurations

Vulners

Node

puppetpuppetRange2.7.0–2.7.13

puppetpuppetRange2.6.0–2.6.15

VendorProductVersionCPE
puppetpuppet*cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
puppet	puppet	*	cpe:2.3:a:puppet:puppet::::::::

References

lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html

lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html

projects.puppetlabs.com/issues/13518

projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15

puppetlabs.com/security/cve/cve-2012-1988/

ubuntu.com/usn/usn-1419-1

www.debian.org/security/2012/dsa-2451

exchange.xforce.ibmcloud.com/vulnerabilities/74796

github.com/advisories/GHSA-6xxq-j39w-g3f6

github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc

github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14

github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1988.yml

hermes.opensuse.org/messages/14523305

hermes.opensuse.org/messages/15087408

nvd.nist.gov/vuln/detail/CVE-2012-1988

web.archive.org/web/20120415105345/www.securityfocus.com/bid/52975

web.archive.org/web/20120513213112/projects.puppetlabs.com/issues/13518

web.archive.org/web/20120816020421/projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15

web.archive.org/web/20121013181707/puppetlabs.com/security/cve/cve-2012-1988/

web.archive.org/web/20121025112409/secunia.com/advisories/48789

web.archive.org/web/20121025113446/secunia.com/advisories/48748

web.archive.org/web/20121025194830/secunia.com/advisories/49136

web.archive.org/web/20121025194938/secunia.com/advisories/48743

web.archive.org/web/20121031092646/www.securityfocus.com/bid/52975

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON

Related for GHSA-6XXQ-J39W-G3F6