Lucene search

K

PRIOn knowledge basePRION:CVE-2013-1655

HistoryMar 20, 2013 - 4:55 p.m.

Code injection

2013-03-2016:55:00

PRIOn knowledge base

www.prio-n.com

3

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.096 Low

EPSS

Percentile

94.6%

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to “serialized attributes.”

CPENameOperatorVersion
puppeteq2.7.2
puppeteq2.7.3
puppeteq2.7.4
puppeteq2.7.5
puppeteq2.7.6
puppeteq2.7.7
puppeteq2.7.8
puppeteq2.7.9
puppeteq2.7.10
puppeteq2.7.11

Rows per page:

1-10 of 221

References

lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html

lists.opensuse.org/opensuse-updates/2013-04/msg00056.html

secunia.com/advisories/52596

ubuntu.com/usn/usn-1759-1

www.debian.org/security/2013/dsa-2643

www.securityfocus.com/bid/58442

puppetlabs.com/security/cve/cve-2013-1655/

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.096 Low

EPSS

Percentile

94.6%

Related for PRION:CVE-2013-1655

cve1 github1 nessus9 debiancve1 ubuntucve1 osv2 securityvulns2 openvas10 ubuntu1 suse1 debian1 fedora2 freebsd1 gentoo1 photon2