CVE-2012-1986
First published: Tue May 29 2012(Updated: )
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction with a crafted REST request for a file in a filebucket.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/puppet | 5.5.10-4 5.5.22-2 | |
| Puppet | =2.6.0 | |
| Puppet | =2.6.1 | |
| Puppet | =2.6.2 | |
| Puppet | =2.6.3 | |
| Puppet | =2.6.4 | |
| Puppet | =2.6.5 | |
| Puppet | =2.6.6 | |
| Puppet | =2.6.7 | |
| Puppet | =2.6.8 | |
| Puppet | =2.6.9 | |
| Puppet | =2.6.10 | |
| Puppet | =2.6.11 | |
| Puppet | =2.6.12 | |
| Puppet | =2.6.13 | |
| Puppet | =2.6.14 | |
| Puppet | =2.7.2 | |
| Puppet | =2.7.3 | |
| Puppet | =2.7.4 | |
| Puppet | =2.7.5 | |
| Puppet | =2.7.6 | |
| Puppet | =2.7.7 | |
| Puppet | =2.7.8 | |
| Puppet | =2.7.9 | |
| Puppet | =2.7.10 | |
| Puppet | =2.7.11 | |
| Puppet Enterprise | =2.5.0 | |
| Puppet | =2.7.0 | |
| Puppet | =2.7.1 | |
| Puppet Enterprise | =1.2.0 | |
| Puppet Enterprise | =1.2.1 | |
| Puppet Enterprise | =1.2.2 | |
| Puppet Enterprise | =1.2.3 | |
| Puppet Enterprise | =1.2.4 | |
| Puppet Enterprise | =2.0.0 | |
| Puppet Enterprise | =2.0.1 | |
| Puppet Enterprise | =2.0.2 | |
| Puppetlabs Puppet Enterprise | =1.0 | |
| Puppetlabs Puppet Enterprise | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2012-1986
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
- http://projects.puppetlabs.com/issues/13511
- http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
- http://puppetlabs.com/security/cve/cve-2012-1986/
- http://secunia.com/advisories/48743
- http://secunia.com/advisories/48748
- http://secunia.com/advisories/48789
- http://secunia.com/advisories/49136
- http://ubuntu.com/usn/usn-1419-1
- http://www.debian.org/security/2012/dsa-2451
- http://www.securityfocus.com/bid/52975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
- https://hermes.opensuse.org/messages/14523305
- https://hermes.opensuse.org/messages/15087408
Frequently Asked Questions
What is the severity of CVE-2012-1986?
CVE-2012-1986 has been rated as a medium severity vulnerability due to the potential for unauthorized file access.
How do I fix CVE-2012-1986?
To fix CVE-2012-1986, you should upgrade to Puppet versions 2.6.15, 2.7.13, or later.
What systems are affected by CVE-2012-1986?
CVE-2012-1986 affects Puppet versions 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, as well as Puppet Enterprise users of specific early versions.
Can remote authenticated users exploit CVE-2012-1986?
Yes, remote authenticated users with an authorized SSL key and necessary permissions can exploit CVE-2012-1986 to read arbitrary files.
What type of attack is associated with CVE-2012-1986?
CVE-2012-1986 is associated with a symlink attack that allows unauthorized file access.
- collector/security-tracker-debian
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/puppet
- canonical/puppet
- version/puppet/2.6.0
- version/puppet/2.6.1
- version/puppet/2.6.2
- version/puppet/2.6.3
- version/puppet/2.6.4
- version/puppet/2.6.5
- version/puppet/2.6.6
- version/puppet/2.6.7
- version/puppet/2.6.8
- version/puppet/2.6.9
- version/puppet/2.6.10
- version/puppet/2.6.11
- version/puppet/2.6.12
- version/puppet/2.6.13
- version/puppet/2.6.14
- version/puppet/2.7.2
- version/puppet/2.7.3
- version/puppet/2.7.4
- version/puppet/2.7.5
- version/puppet/2.7.6
- version/puppet/2.7.7
- version/puppet/2.7.8
- version/puppet/2.7.9
- version/puppet/2.7.10
- version/puppet/2.7.11
- canonical/puppet enterprise
- version/puppet enterprise/2.5.0
- vendor/puppetlabs
- version/puppet/2.7.0
- version/puppet/2.7.1
- version/puppet enterprise/1.2.0
- version/puppet enterprise/1.2.1
- version/puppet enterprise/1.2.2
- version/puppet enterprise/1.2.3
- version/puppet enterprise/1.2.4
- version/puppet enterprise/2.0.0
- version/puppet enterprise/2.0.1
- version/puppet enterprise/2.0.2
- canonical/puppetlabs puppet enterprise
- version/puppetlabs puppet enterprise/1.0
- version/puppetlabs puppet enterprise/1.1