CVE-2011-3848
MEDIUM severity · CVSS 5 · Path traversal
5CVSS MEDIUM
Summary
Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impactNone
Integrity impact—
Availability impactNone
Exploit probability (EPSS)1%
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Official patch: https://groups.google.com/group/puppet-announce/browse_thread/thread/e57ce2740feb9406 ↗
Additional information
- NVD record
- https://groups.google.com/group/puppet-announce/browse_thread/thread/e57ce2740feb9406Patch
- http://secunia.com/advisories/46628Advisory
- http://lists.opensuse.org/opensuse-updates/2011-10/msg00033.html
- http://www.debian.org/security/2011/dsa-2314
- http://www.ubuntu.com/usn/USN-1217-1
- https://puppet.com/security/cve/cve-2011-3848