Puppet Enterprise 3.x < 3.2.0 Multiple Vulnerabilities

medium Nessus Plugin ID 73135

Synopsis

A web application on the remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the Puppet Enterprise 3.x install on the remote host is prior to 3.2.0. As a result, it is reportedly affected by multiple vulnerabilities :

- An error exists related to the PE consoles and identity verification that could allow security bypasses. (CVE-2013-4966)

- An unspecified error exists related to endpoint nodes that could allow information disclosure. (CVE-2013-4971)

- SET ROLE bypasses lack of ADMIN OPTION when granting roles. (CVE-2014-0060)

- An error exists in the included Ruby on Rails version related to the text rendering component of Action View and handling MIME types that are converted to symbols that could allow denial of service attacks.
(CVE-2014-0082)

Solution

Upgrade to Puppet Enterprise 3.2.1 or later.

Note that the issues were reportedly addressed in 3.2.0, but that release was pulled because it contained two major issues.

See Also

https://puppet.com/security/cve/cve-2014-0082

http://www.nessus.org/u?864eaaed

https://puppet.com/security/cve/cve-2013-4966

https://puppet.com/security/cve/cve-2013-4971

https://puppet.com/security/cve/cve-2014-0060

Plugin Details

Severity: Medium

ID: 73135

File Name: puppet_enterprise_321.nasl

Version: 1.10

Type: remote

Family: CGI abuses

Published: 3/21/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2013-4966

Vulnerability Information

CPE: cpe:/a:puppetlabs:puppet

Required KB Items: puppet/rest_port

Exploit Ease: No exploit is required

Patch Publication Date: 3/4/2014

Vulnerability Publication Date: 2/17/2014

Reference Information

CVE: CVE-2013-4966, CVE-2013-4971, CVE-2014-0060, CVE-2014-0082

BID: 65604, 65723, 65992, 65993