Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2275

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2013-2275
Last Modified 12 Apr 2013 10:59:38
Published 20 Mar 2013 12:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-2275

Summary

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 11.10

  • Canonical Ubuntu Linux 12.04

  • Canonical Ubuntu Linux 12.10

Application

  • Puppetlabs Puppet 1.0

  • Puppetlabs Puppet 1.1

  • Puppetlabs Puppet 1.2

  • Puppetlabs Puppet 2.6.0

  • Puppetlabs Puppet 2.6.1

  • Puppetlabs Puppet 2.6.10

  • Puppetlabs Puppet 2.6.11

  • Puppetlabs Puppet 2.6.12

  • Puppetlabs Puppet 2.6.13

  • Puppetlabs Puppet 2.6.14

  • Puppetlabs Puppet 2.6.15

  • Puppetlabs Puppet 2.6.16

  • Puppetlabs Puppet 2.6.17

  • Puppetlabs Puppet 2.6.2

  • Puppetlabs Puppet 2.6.3

  • Puppetlabs Puppet 2.6.4

  • Puppetlabs Puppet 2.6.5

  • Puppetlabs Puppet 2.6.6

  • Puppetlabs Puppet 2.6.7

  • Puppetlabs Puppet 2.6.8

  • Puppetlabs Puppet 2.6.9

  • Puppetlabs Puppet 2.7.0

  • Puppetlabs Puppet 2.7.1

  • Puppetlabs Puppet 2.7.10

  • Puppetlabs Puppet 2.7.11

  • Puppetlabs Puppet 2.7.12

  • Puppetlabs Puppet 2.7.13

  • Puppetlabs Puppet 2.7.14

  • Puppetlabs Puppet 2.7.16

  • Puppetlabs Puppet 2.7.17

  • Puppetlabs Puppet 2.7.18

  • Puppetlabs Puppet 2.7.19

  • Puppetlabs Puppet 2.7.2

  • Puppetlabs Puppet 2.7.20

  • Puppetlabs Puppet 2.7.3

  • Puppetlabs Puppet 2.7.4

  • Puppetlabs Puppet 2.7.5

  • Puppetlabs Puppet 2.7.6

  • Puppetlabs Puppet 2.7.7

  • Puppetlabs Puppet 2.7.8

  • Puppetlabs Puppet 2.7.9

  • Puppetlabs Puppet 3.1.0


References

CONFIRM - https://puppetlabs.com/security/cve/cve-2013-2275/

BID - 58449

DEBIAN - DSA-2643

UBUNTU - USN-1759-1

SECUNIA - 52596

SUSE - openSUSE-SU-2013:0641

SUSE - SUSE-SU-2013:0618

REDHAT - RHSA-2013:0710


Last Updated: 27 May 2016 11:02:06