CVE-2017-2295Deserialization of Untrusted Data in Puppet

CWE-502Deserialization of Untrusted Data14 documents8 sources
Severity
8.2HIGHNVD
OSV6.2OSV5.5
EPSS
1.9%
top 16.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
PuppetPuppet ServerDebian Linux
Timeline
PublishedJul 5
Latest updateMay 14

Description

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:NExploitability: 1.8 | Impact: 5.8

Affected Packages4 packages

CVEListV5puppet/puppet_serverPuppet prior to 4.10.1
Debianpuppet/puppet< 4.8.2-5
Ubuntupuppet/puppet< 3.4.3-1ubuntu1.2+1
NVDpuppet/puppet4.10.0

Also affects: Debian Linux 8.0

🔴Vulnerability Details

5
GHSA
GHSA-988w-9qqw-43hr: Versions of Puppet prior to 42022-05-14
OSV
puppet vulnerabilities2021-03-15
OSV
CVE-2017-2295: Versions of Puppet prior to 42017-07-05
CVEList
CVE-2017-2295: Versions of Puppet prior to 42017-07-05
OSV
puppet vulnerabilities2017-06-05

📋Vendor Advisories

4
Ubuntu
Puppet vulnerabilities2021-03-15
Ubuntu
Puppet vulnerabilities2017-06-05
Red Hat
puppet: Unsafe YAML deserialization2017-05-11
Debian
CVE-2017-2295: puppet - Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the ...2017

💬Community

4
Bugzilla
CVE-2017-2295 puppet: Unsafe YAML deserialization [openstack-rdo]2017-06-09
Bugzilla
CVE-2017-2295 puppet: Unsafe YAML deserialization [fedora-all]2017-05-19
Bugzilla
CVE-2017-2295 puppet: Unsafe YAML deserialization [epel-7]2017-05-19
Bugzilla
CVE-2017-2295 puppet: Unsafe YAML deserialization2017-05-19
CVE-2017-2295 — Deserialization of Untrusted Data | cvebase