Vulnerability Details : CVE-2017-2295
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML.
Vulnerability category: Execute code
Products affected by CVE-2017-2295
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-2295
0.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 62 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-2295
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST | |
8.2
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
1.8
|
5.8
|
NIST |
CWE ids for CVE-2017-2295
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-2295
-
http://www.securityfocus.com/bid/98582
Multiple Puppet Products YAML Deserialization CVE-2017-2295 Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://puppet.com/security/cve/cve-2017-2295
CVE-2017-2295 - Puppet Server Remote Code Execution Via YAML Deserialization | PuppetVendor Advisory
-
http://www.debian.org/security/2017/dsa-3862
Debian -- Security Information -- DSA-3862-1 puppetThird Party Advisory
Jump to