CVE-2016-3112 — Improper Access Control in Pulp

CWE-284 — Improper Access Control CWE-732 — Incorrect Permission Assignment5 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 37.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pulpproject Pulp

Timeline

PublishedJun 8

Latest updateMay 14

Description

client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDpulpproject/pulp2.8.2-1

Patches

Patch: pulp.plan.io ↗Patch: pulp.plan.io ↗

🔴Vulnerability Details

GHSA

GHSA-3j4c-jhfg-648f: client/consumer/cli↗2022-05-14

▶

CVEList

CVE-2016-3112: client/consumer/cli↗2017-06-08

▶

📋Vendor Advisories

Red Hat

pulp: Agent certificate containing private key is stored in world-readable file↗2016-04-13

▶

💬Community

Bugzilla

CVE-2016-3112 pulp: Agent certificate containing private key is stored in world-readable file↗2016-04-12

▶