CVE-2012-3866: Information Disclosure in Puppet
Plateforme
ruby
Composant
puppet
Corrigé dans
2.7.18
CVE-2012-3866 is an information disclosure vulnerability affecting Puppet versions 2.7.x prior to 2.7.18 and Puppet Enterprise versions before 2.5.2. This flaw stems from the use of overly permissive (0644) file permissions for the lastrunreport.yaml file on the Puppet master server. An attacker with local access can exploit this to retrieve sensitive configuration information.
Détecte cette CVE dans ton projet
Téléverse ton fichier Gemfile.lock et nous te dirons instantanément si tu es affecté.
Impact et Scénarios d'Attaquetraduction en cours…
The primary impact of CVE-2012-3866 is the potential exposure of sensitive configuration data. The lastrunreport.yaml file contains details about Puppet agent runs, including resource declarations, node configurations, and potentially secrets or credentials embedded within those configurations. Successful exploitation could allow an attacker to map out the Puppet infrastructure, identify critical resources, and potentially discover credentials used for automation. While the vulnerability requires local access to the Puppet master, this access could be gained through other means, expanding the potential blast radius. This vulnerability is similar in impact to other configuration file exposure vulnerabilities where sensitive data is inadvertently made accessible.
Contexte d'Exploitationtraduction en cours…
CVE-2012-3866 has been publicly disclosed and is not currently known to be actively exploited in the wild. Its CVSS score of 2.5 (LOW) reflects the requirement for local access. There are no known public exploits or proof-of-concept code. The vulnerability was published in 2017, suggesting it has been known for a considerable time. It is not listed on KEV or EPSS, indicating a low probability of exploitation.
Renseignement sur les Menaces
Statut de l'Exploit
EPSS
0.05% (percentile 16%)
Logiciel Affecté
Chronologie
- Publiée
- Modifiée
- EPSS mis à jour
Mitigation et Contournementstraduction en cours…
The primary mitigation for CVE-2012-3866 is to upgrade Puppet to version 2.7.18 or later, or Puppet Enterprise to version 2.5.2 or later. If an immediate upgrade is not feasible, consider restricting access to the Puppet master server to only authorized personnel. Implement strict file permissions on the Puppet master, ensuring that the lastrunreport.yaml file has more restrictive permissions (e.g., 0600). Regularly review Puppet configurations for any hardcoded secrets or credentials. After upgrade, confirm the fix by verifying the file permissions of lastrunreport.yaml on the Puppet master server.
Comment corrigertraduction en cours…
Aucun correctif officiel disponible. Recherchez des alternatives ou surveillez les mises à jour.
Questions fréquentestraduction en cours…
What is CVE-2012-3866 — Information Disclosure in Puppet?
CVE-2012-3866 is a vulnerability in Puppet versions ≤2.7.9 and Puppet Enterprise before 2.5.2 that allows local users to read sensitive configuration data from the lastrunreport.yaml file due to incorrect file permissions.
Am I affected by CVE-2012-3866 in Puppet?
You are affected if you are running Puppet versions 2.7.x prior to 2.7.18 or Puppet Enterprise versions before 2.5.2. Check your Puppet version and upgrade if necessary.
How do I fix CVE-2012-3866 in Puppet?
Upgrade Puppet to version 2.7.18 or later, or Puppet Enterprise to version 2.5.2 or later. Restrict access to the Puppet master and ensure the lastrunreport.yaml file has secure permissions (e.g., 0600).
Is CVE-2012-3866 being actively exploited?
Currently, CVE-2012-3866 is not known to be actively exploited in the wild, but it remains a potential risk if systems are not patched.
Where can I find the official Puppet advisory for CVE-2012-3866?
Refer to the Puppet security advisory for CVE-2012-3866: https://puppet.com/security/advisories/cve-2012-3866
Ton projet est-il affecté ?
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.
Détecte cette CVE dans ton projet
Téléverse ton fichier Gemfile.lock et nous te dirons instantanément si tu es affecté.
Scannez votre projet Ruby maintenant — sans compte
Téléchargez votre Gemfile.lock et obtenez le rapport de vulnérabilité instantanément. Pas de compte. Le téléchargement du fichier n'est qu'un début : avec un compte, vous bénéficiez d'une surveillance continue, d'alertes Slack/e-mail, de rapports multi-projets et en marque blanche.
Glissez-déposez votre fichier de dépendances
composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...