CVE-2012-3865 — Path Traversal in Puppet

CWE-22 — Path Traversal11 documents8 sources

Severity

3.5LOWNVD

EPSS

1.2%

top 21.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Puppet Puppet Enterprise Puppetlabs Puppet

Timeline

PublishedAug 6

Latest updateOct 24

Description

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages5 packages

▶NVDpuppet/puppet_enterprise2.5.1

▶RubyGemspuppet/puppet2.7.0 — 2.7.18+1

▶Debianpuppet/puppet< 2.7.18-1

▶NVDpuppetlabs/puppet2.7.17+3

▶NVDpuppet/puppet29 versions+28

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Puppet vulnerable to Path Traversal↗2017-10-24

▶

OSV

Puppet vulnerable to Path Traversal↗2017-10-24

▶

OSV

CVE-2012-3865: Directory traversal vulnerability in lib/puppet/reports/store↗2012-08-06

▶

CVEList

CVE-2012-3865: Directory traversal vulnerability in lib/puppet/reports/store↗2012-08-06

▶

📋Vendor Advisories

Ubuntu

Puppet vulnerabilities↗2012-07-12

▶

Red Hat

puppet: authenticated clients allowed to delete arbitrary files on the puppet master↗2012-07-10

▶

Debian

CVE-2012-3865: puppet - Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet befor...↗2012

▶

💬Community

Bugzilla

CVE-2012-3864 CVE-2012-3865 CVE-2012-3867 puppet various flaws [fedora-16]↗2012-07-11

▶

Bugzilla

CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867 puppet various flaws [fedora-17]↗2012-07-11

▶

Bugzilla

CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master↗2012-07-11

▶