Lucene search
Cve.mitre.orgCVE-2023-2530HistoryJun 07, 2023 - 8:15 p.m.
CVE-2023-2530
2023-06-0720:15:09
cve.mitre.org
web.nvd.nist.gov
36
cve
2023
2530
privilege escalation
remote code execution
orchestration service
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.004
Percentile
73.7%
A privilege escalation allowing remote code execution was discovered in the orchestration service.
Affected configurations
Node
puppetpuppet_enterpriseRange2021.7.0–2021.7.3
ORpuppetpuppet_enterpriseMatch2023.0
ORpuppetpuppet_enterpriseMatch2023.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| puppet | puppet_enterprise | * | cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:* |
| puppet | puppet_enterprise | 2023.0 | cpe:2.3:a:puppet:puppet_enterprise:2023.0:*:*:*:*:*:*:* |
| puppet | puppet_enterprise | 2023.1.0 | cpe:2.3:a:puppet:puppet_enterprise:2023.1.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Puppet",
"product": "Puppet Enterprise",
"versions": [
{
"version": "2021.7.0",
"status": "affected",
"lessThan": "2021.7.4",
"versionType": "semver"
},
{
"version": "2023.0.0",
"status": "affected",
"lessThan": "2023.2.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Privilege escalation
2023-06-07 20:15:00
debiancve
debiancve
CVE-2023-2530
2023-06-07 20:15:09
cvelist
cvelist
CVE-2023-2530
2023-06-07 00:00:00
nessus
nessus
Puppet Enterprise 2021.x < 2021.0 / 2023.x < 2023.2 RCE
2023-11-01 00:00:00
nvd
nvd
CVE-2023-2530
2023-06-07 20:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.004
Percentile
73.7%
Related for CVE-2023-2530