CVE-2022-3275
published 2022-10-07CVE-2022-3275: Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.09%
79.2th percentile
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | puppet-module-puppetlabs-apt | < puppet-module-puppetlabs-apt 9.0.1-1 (bookworm) | puppet-module-puppetlabs-apt 9.0.1-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| puppet | puppetlabs-apt | >= unspecified < 9.0.0 | 9.0.0 |
| puppet | puppetlabs-mysql | < 9.0.0 | 9.0.0 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is exploitable only when unsanitized input is passed to the puppetlabs-apt module; monitor Puppet manifests and ENC (External Node Classifier) inputs for unsanitized/user-controlled strings being supplied to apt module parameters. ↗
- →Scope is local; focus detection on local privilege escalation or local code execution scenarios within Puppet-managed nodes running puppetlabs-apt versions prior to 9.0.0. ↗
- ·Exploitation requires the attacker to supply unsanitized input to the puppetlabs-apt module; this is described as rare in typical Puppet/Puppet Enterprise deployments. ↗
- ·The fix is available in puppetlabs-apt version 9.0.0 and above (Debian packages resolved at 9.0.1-1); bullseye remains open/unpatched as of the tracked data. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vendor_debian8.4HIGH
vendor_redhat8.4HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
wireshark: Crash in the OPUS protocol dissector that allows denial of service via packet injection or crafted capture file.
vendor_redhat·2022-12-13·CVSS 8.4
CVE-2022-3275 [HIGH] CWE-400 wireshark: Crash in the OPUS protocol dissector that allows denial of service via packet injection or crafted capture file.
wireshark: Crash in the OPUS protocol dissector that allows denial of service via packet injection or crafted capture file.
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.
A vulnerability was found in Wireshark. This issue could cause a crash in the OPUS protocol dissector in Wireshark that allows a denial of service via packet injection or crafted capture file.
Package: wireshark (Red Hat Enterprise Linux 6) - Not affected
Package: wireshark (Red Hat Enterprise Linux 7) - Not affected
Package: wireshark (Red Hat Enterprise Linux 8) - Not affected
Package
Debian
CVE-2022-3275: puppet-module-puppetlabs-apt - Command injection is possible in the puppetlabs-apt module prior to version 9.0....
vendor_debian·2022·CVSS 8.4
CVE-2022-3275 [HIGH] CVE-2022-3275: puppet-module-puppetlabs-apt - Command injection is possible in the puppetlabs-apt module prior to version 9.0....
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.
Scope: local
bookworm: resolved (fixed in 9.0.1-1)
bullseye: open
forky: resolved (fixed in 9.0.1-1)
sid: resolved (fixed in 9.0.1-1)
trixie: resolved (fixed in 9.0.1-1)
OSV
CVE-2022-3275: Command injection is possible in the puppetlabs-apt module prior to version 9
osv·2022-10-07·CVSS 9.8
CVE-2022-3275 [CRITICAL] CVE-2022-3275: Command injection is possible in the puppetlabs-apt module prior to version 9
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/https://puppet.com/security/cve/CVE-2022-3275https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/https://puppet.com/security/cve/CVE-2022-3275
2022-10-07
Published