4

CVE-2013-2275

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PuppetPuppet Version2.6.0
PuppetPuppet Version2.6.1
PuppetPuppet Version2.6.2
PuppetPuppet Version2.6.3
PuppetPuppet Version2.6.4
PuppetPuppet Version2.6.5
PuppetPuppet Version2.6.6
PuppetPuppet Version2.6.7
PuppetPuppet Version2.6.8
PuppetPuppet Version2.6.9
PuppetPuppet Version2.6.10
PuppetPuppet Version2.6.11
PuppetPuppet Version2.6.12
PuppetPuppet Version2.6.13
PuppetPuppet Version2.6.14
PuppetPuppet Version2.6.15
PuppetPuppet Version2.6.16
PuppetlabsPuppet Version <= 2.6.17
PuppetPuppet Version2.7.2
PuppetPuppet Version2.7.3
PuppetPuppet Version2.7.4
PuppetPuppet Version2.7.5
PuppetPuppet Version2.7.6
PuppetPuppet Version2.7.7
PuppetPuppet Version2.7.8
PuppetPuppet Version2.7.9
PuppetPuppet Version2.7.10
PuppetPuppet Version2.7.11
PuppetPuppet Version2.7.12
PuppetPuppet Version2.7.13
PuppetPuppet Version2.7.14
PuppetPuppet Version2.7.16
PuppetPuppet Version2.7.17
PuppetPuppet Version2.7.18
PuppetlabsPuppet Version2.7.0
PuppetlabsPuppet Version2.7.1
PuppetlabsPuppet Version2.7.19
PuppetlabsPuppet Version2.7.20
PuppetlabsPuppet Version2.7.20 Updaterc1
PuppetPuppet Enterprise Version3.1.0
PuppetlabsPuppet SwEditionenterprise Version <= 1.2.6
PuppetPuppet Enterprise Version2.7.0
PuppetPuppet Enterprise Version2.7.1
CanonicalUbuntu Linux Version11.10
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version12.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.91% 0.852
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0710.html
Third Party Advisory
http://secunia.com/advisories/52596
Third Party Advisory
http://ubuntu.com/usn/usn-1759-1
Third Party Advisory
http://www.debian.org/security/2013/dsa-2643
Third Party Advisory
http://www.securityfocus.com/bid/58449
Third Party Advisory
VDB Entry
https://puppetlabs.com/security/cve/cve-2013-2275/
Vendor Advisory