Lucene search
HistoryFeb 17, 2014 - 4:55 p.m.
CVE-2011-0528
puppet
cve-2011-0528
access restriction
information security
vulnerability
nvd
6.1 Medium
AI Score
Confidence
Low
5.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
0.002 Low
EPSS
Percentile
53.2%
Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.
Affected configurations
Node
puppetpuppetMatch2.6.0
ORpuppetpuppetMatch2.6.1
ORpuppetpuppetMatch2.6.2
ORpuppetpuppetMatch2.6.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| puppet:puppet | puppet | eq | 2.6.0 |
| puppet:puppet | puppet | eq | 2.6.1 |
| puppet:puppet | puppet | eq | 2.6.2 |
| puppet:puppet | puppet | eq | 2.6.3 |
Related
prion
prion
Code injection
2014-02-17 16:55:00
nessus
nessus
Ubuntu 10.10 / 11.04 / 11.10 : Puppet vulnerability (USN-1365-1)
2012-02-15 00:00:00
nvd
nvd
CVE-2011-0528
2014-02-17 16:55:04
cvelist
cvelist
CVE-2011-0528
2014-02-17 16:00:00
osv
osv
Puppet does not properly restrict access to node resources
2022-05-14 00:56:55
debiancve
debiancve
CVE-2011-0528
2014-02-17 16:55:04
openvas
openvas
Ubuntu Update for puppet USN-1365-1
2012-02-21 00:00:00
Ubuntu: Security Advisory (USN-1365-1)
2012-02-21 00:00:00
github
github
Puppet does not properly restrict access to node resources
2022-05-14 00:56:55
redhatcve
redhatcve
CVE-2011-0528
2015-10-30 09:30:40
ubuntu
ubuntu
Puppet vulnerability
2012-02-14 00:00:00
ubuntucve
ubuntucve
CVE-2011-0528
2011-01-31 00:00:00
6.1 Medium
AI Score
Confidence
Low
5.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
0.002 Low
EPSS
Percentile
53.2%
Related for CVE-2011-0528