Vulnerability Details : CVE-2011-3872
Potential exploit
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
Products affected by CVE-2011-3872
- cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3872
2.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3872
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
2.6
|
LOW | AV:N/AC:H/Au:N/C:N/I:P/A:N |
4.9
|
2.9
|
NIST |
CWE ids for CVE-2011-3872
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3872
-
http://www.ubuntu.com/usn/USN-1238-2
USN-1238-2: Puppet regression | Ubuntu security notices
-
http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1
Important Security Announcement: AltNames Vulnerability [new version of puppet] - Google GroepenPatch
-
http://secunia.com/advisories/46964
Sign in
-
http://www.securityfocus.com/bid/50356
Puppet 'certdnsnames' Certificate Validation Security Bypass Vulnerability
-
http://secunia.com/advisories/46550
Sign inVendor Advisory
-
http://www.ubuntu.com/usn/USN-1238-1
USN-1238-1: Puppet vulnerability | Ubuntu security notices
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
Puppet X.509 spoofing CVE-2011-3872 Vulnerability Report
-
https://puppet.com/security/cve/cve-2011-3872
CVE-2011-3872 | Puppet
-
http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
Important Security Announcement: AltNames Vulnerability | Puppet
-
http://secunia.com/advisories/46578
Sign inVendor Advisory
-
http://secunia.com/advisories/46934
Sign in
Jump to