Information disclosure in Puppet Agent - CVE-2012-3864

 


Published: August 6, 2012 / Updated: August 11, 2020


Vulnerability identifier: #VU43767
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2012-3864
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Puppet Labs
Affected software:
Puppet Agent

Detailed vulnerability description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allow remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.


How to mitigate CVE-2012-3864

Install the update from the vendor's website.
