CVE-2017-2298 — Improper Input Validation in Mcollective

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 49.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Puppet Mcollective Puppet Mcollective-sshkey-security

Timeline

PublishedJun 30

Latest updateMay 13

Description

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem".

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDpuppet/mcollective-sshkey-security0.5.0

▶CVEListV5puppet/mcollective< 0.5.1

Patches

Patch: puppet.com ↗Patch: puppet.com ↗

🔴Vulnerability Details

GHSA

GHSA-3wcp-fjfh-pw9r: The mcollective-sshkey-security plugin before 0↗2022-05-13

▶

CVEList

CVE-2017-2298: The mcollective-sshkey-security plugin before 0↗2017-06-30

▶