CVE-2012-3864

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87	Exploit Patch
https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4	Exploit Patch
https://bugzilla.redhat.com/show_bug.cgi?id=839130
http://puppetlabs.com/security/cve/cve-2012-3864/	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
http://www.debian.org/security/2012/dsa-2511
http://www.ubuntu.com/usn/USN-1506-1
http://secunia.com/advisories/50014
http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:puppet:puppet:2.6.15:::::::*
	cpe:2.3:a:puppetlabs:puppet::::::::
	cpe:2.3:a:puppet:puppet:2.6.11:::::::*
	cpe:2.3:a:puppet:puppet:2.6.4:::::::*
	cpe:2.3:a:puppet:puppet:2.6.5:::::::*
	cpe:2.3:a:puppetlabs:puppet:2.7.0:::::::*
	cpe:2.3:a:puppet:puppet:2.6.0:::::::*
	cpe:2.3:a:puppet:puppet:2.6.14:::::::*
	cpe:2.3:a:puppet:puppet:2.6.3:::::::*
	cpe:2.3:a:puppet:puppet:2.6.2:::::::*
	cpe:2.3:a:puppetlabs:puppet:2.7.1:::::::*
	cpe:2.3:a:puppet:puppet:2.6.1:::::::*
	cpe:2.3:a:puppet:puppet:2.6.6:::::::*
	cpe:2.3:a:puppet:puppet:2.6.7:::::::*
	cpe:2.3:a:puppet:puppet:2.6.8:::::::*
	cpe:2.3:a:puppet:puppet:2.6.9:::::::*
	cpe:2.3:a:puppet:puppet:2.6.10:::::::*
	cpe:2.3:a:puppet:puppet:2.6.12:::::::*
	cpe:2.3:a:puppet:puppet:2.6.13:::::::*
	cpe:2.3:a:puppet:puppet:2.7.2:::::::*
	cpe:2.3:a:puppet:puppet:2.7.3:::::::*
	cpe:2.3:a:puppet:puppet:2.7.4:::::::*
	cpe:2.3:a:puppet:puppet:2.7.5:::::::*
	cpe:2.3:a:puppet:puppet:2.7.6:::::::*
	cpe:2.3:a:puppet:puppet:2.7.7:::::::*
	cpe:2.3:a:puppet:puppet:2.7.8:::::::*
	cpe:2.3:a:puppet:puppet:2.7.9:::::::*
	cpe:2.3:a:puppet:puppet:2.7.10:::::::*
	cpe:2.3:a:puppet:puppet:2.7.11:::::::*
	cpe:2.3:a:puppet:puppet:2.7.12:::::::*
	cpe:2.3:a:puppet:puppet:2.7.14:::::::*
	cpe:2.3:a:puppet:puppet:2.7.16:::::::*
	cpe:2.3:a:puppet:puppet:2.7.17:::::::*
	cpe:2.3:a:puppet:puppet:2.7.13:::::::*

Configuration 2 (hide)

cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*

Information

Published : 2012-08-06 09:55

Updated : 2019-07-10 11:02

NVD link : CVE-2012-3864

Mitre link : CVE-2012-3864

JSON object : View

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Products Affected

puppet

puppet_enterprise
puppet

puppetlabs

puppet

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87", "name": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87", "tags": ["Exploit", "Patch"], "refsource": "CONFIRM"}, {"url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4", "name": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4", "tags": ["Exploit", "Patch"], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=839130", "tags": [], "refsource": "CONFIRM"}, {"url": "http://puppetlabs.com/security/cve/cve-2012-3864/", "name": "http://puppetlabs.com/security/cve/cve-2012-3864/", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html", "name": "SUSE-SU-2012:0983", "tags": [], "refsource": "SUSE"}, {"url": "http://www.debian.org/security/2012/dsa-2511", "name": "DSA-2511", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.ubuntu.com/usn/USN-1506-1", "name": "USN-1506-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://secunia.com/advisories/50014", "name": "50014", "tags": [], "refsource": "SECUNIA"}, {"url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html", "name": "openSUSE-SU-2012:0891", "tags": [], "refsource": "SUSE"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-200"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-3864", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-08-06T16:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.6.16"}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.5.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-07-10T18:02Z"}

4.0 /10