Vulnerability Details : CVE-2018-11749
When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are sent via plaintext to the LDAP server. This affects Puppet Enterprise 2018.1.3, 2017.3.9, and 2016.4.14, and is fixed in Puppet Enterprise 2018.1.4, 2017.3.10, and 2016.4.15. It scored an 8.5 CVSS score.
Products affected by CVE-2018-11749
- Puppet » Puppet EnterpriseVersions from including (>=) 2017.3.0 and up to, including, (<=) 2017.3.9cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
- Puppet » Puppet EnterpriseVersions from including (>=) 2018.1.0 and up to, including, (<=) 2018.1.3cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
- cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-11749
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-11749
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2018-11749
-
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-11749
-
https://puppet.com/security/cve/cve-2018-11749
CVE-2018-11749 - RBAC User Authentication Request Done Over Plaintext | PuppetVendor Advisory
Jump to