Vulnerability Details : CVE-2012-3864
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.
Vulnerability category: Information leak
Products affected by CVE-2012-3864
- cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.9:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.8:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.10:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.11:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.12:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.17:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.14:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.16:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:2.7.13:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet:*:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3864
0.40%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3864
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST |
CWE ids for CVE-2012-3864
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3864
-
https://bugzilla.redhat.com/show_bug.cgi?id=839130
839130 – (CVE-2012-3864) CVE-2012-3864 puppet: authenticated clients allowed to read arbitrary files from the puppet master
-
https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4
Add Selector terminus for file_content/file_metadata · puppetlabs/puppet@10f6cb8 · GitHubExploit;Patch
-
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
[security-announce] SUSE-SU-2012:0983-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-1506-1
USN-1506-1: Puppet vulnerabilities | Ubuntu security notices
-
http://puppetlabs.com/security/cve/cve-2012-3864/
CVE-2012-3864 | PuppetVendor Advisory
-
http://www.debian.org/security/2012/dsa-2511
Debian -- Security Information -- DSA-2511-1 puppet
-
http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
openSUSE-SU-2012:0891-1: moderate: puppet for multiple issues
-
https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87
Add Selector terminus for file_content/file_metadata · puppetlabs/puppet@c3c7462 · GitHubExploit;Patch
Jump to