Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9568

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2014-9568
Last Modified 17 Feb 2015 10:14:40
Published 03 Feb 2015 11:59:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-9568

Summary

puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.

Vulnerable Systems

Application

  • Puppetlabs Rabbitmq 3.0.0

  • Puppetlabs Rabbitmq 3.1.0

  • Puppetlabs Rabbitmq 4.0.0

  • Puppetlabs-rabbitmq 3.0.0

  • Puppetlabs-rabbitmq 3.1.0

  • Puppetlabs-rabbitmq 4.0.0


References

CONFIRM - http://puppetlabs.com/security/cve/cve-2014-9568


Last Updated: 27 May 2016 11:07:49