CVE-2011-3871 - Permissions, Privileges, and Access Control vulnerability in Puppet and Puppetlabs products

Publication

2011-10-27

Last modification

2019-07-10

Summary

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.

Classification

CWE-264 - Permissions, Privileges, and Access Control

Risk level (CVSS AV:L/AC:H/Au:N/C:C/I:C/A:C)

Medium

6.2

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Puppet Puppet  2.6.0 , 0.25.5 , 0.25.3 , 2.7.4 , 2.6.2 , 2.6.1 , 2.6.3 , 2.6.8 , 2.7.2 , 2.6.6 , 2.7.1 , 0.25.2 , 0.25.6 , 2.6.10 , 2.6.4 , 0.25.0 , 2.7.0 , 0.25.4 , 0.25.1 , 2.6.5 , 2.7.3 , 2.6.9 , 2.6.7