Lucene search
PRIOn knowledge basePRION:CVE-2012-3408HistoryAug 06, 2012 - 4:55 p.m.
Code injection
2012-08-0616:55:00
PRIOn knowledge base
www.prio-n.com
2
7 High
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.9%
lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.
| CPE | Name | Operator | Version |
|---|---|---|---|
| puppet_enterprise | lt | 2.5.2 | |
| puppet | lt | 2.7.18 |
Related
osv
osv
cve
cve
CVE-2012-3408
2012-08-06 16:55:00
ubuntucve
ubuntucve
CVE-2012-3408
2012-08-06 00:00:00
debiancve
debiancve
CVE-2012-3408
2012-08-06 16:55:00
github
github
nessus
nessus
Fedora 17 : puppet-2.7.18-1.fc17 (2012-10891)
2012-07-30 00:00:00
openvas
openvas
Fedora Update for puppet FEDORA-2012-10891
2012-08-30 00:00:00
Fedora Update for puppet FEDORA-2012-10891
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: puppet-2.7.18-1.fc17
2012-07-28 01:20:31
7 High
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.9%
Related for PRION:CVE-2012-3408