2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Package : puppet
Version : 2.6.2-5+squeeze10
CVE ID : CVE-2012-6120
It was discovered that the puppet package did not restrict the
permissions and ownership of the /var/log/puppet directory, which
may expose sensitive information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | puppet-testsuite | < 2.6.2-5+squeeze10 | puppet-testsuite_2.6.2-5+squeeze10_all.deb |
Debian | 6 | all | puppet-common | < 2.6.2-5+squeeze10 | puppet-common_2.6.2-5+squeeze10_all.deb |
Debian | 6 | all | puppetmaster | < 2.6.2-5+squeeze10 | puppetmaster_2.6.2-5+squeeze10_all.deb |
Debian | 6 | all | puppet-el | < 2.6.2-5+squeeze10 | puppet-el_2.6.2-5+squeeze10_all.deb |
Debian | 6 | all | vim-puppet | < 2.6.2-5+squeeze10 | vim-puppet_2.6.2-5+squeeze10_all.deb |
Debian | 6 | all | puppet | < 2.6.2-5+squeeze10 | puppet_2.6.2-5+squeeze10_all.deb |