CVE-2012-3866: Information Disclosure in Puppet
Plataforma
ruby
Componente
puppet
Corrigido em
2.7.18
CVE-2012-3866 is an information disclosure vulnerability affecting Puppet versions 2.7.x prior to 2.7.18 and Puppet Enterprise versions before 2.5.2. This flaw stems from the use of overly permissive (0644) file permissions for the lastrunreport.yaml file on the Puppet master server. An attacker with local access can exploit this to retrieve sensitive configuration information.
Detecte esta CVE no seu projeto
Envie seu arquivo Gemfile.lock e descubra na hora se você está afetado.
Impacto e Cenários de Ataquetraduzindo…
The primary impact of CVE-2012-3866 is the potential exposure of sensitive configuration data. The lastrunreport.yaml file contains details about Puppet agent runs, including resource declarations, node configurations, and potentially secrets or credentials embedded within those configurations. Successful exploitation could allow an attacker to map out the Puppet infrastructure, identify critical resources, and potentially discover credentials used for automation. While the vulnerability requires local access to the Puppet master, this access could be gained through other means, expanding the potential blast radius. This vulnerability is similar in impact to other configuration file exposure vulnerabilities where sensitive data is inadvertently made accessible.
Contexto de Exploraçãotraduzindo…
CVE-2012-3866 has been publicly disclosed and is not currently known to be actively exploited in the wild. Its CVSS score of 2.5 (LOW) reflects the requirement for local access. There are no known public exploits or proof-of-concept code. The vulnerability was published in 2017, suggesting it has been known for a considerable time. It is not listed on KEV or EPSS, indicating a low probability of exploitation.
Inteligência de Ameaças
Status do Exploit
EPSS
0.05% (percentil 16%)
Software Afetado
Linha do tempo
- Publicada
- Modificada
- EPSS atualizado
Mitigação e Soluções Alternativastraduzindo…
The primary mitigation for CVE-2012-3866 is to upgrade Puppet to version 2.7.18 or later, or Puppet Enterprise to version 2.5.2 or later. If an immediate upgrade is not feasible, consider restricting access to the Puppet master server to only authorized personnel. Implement strict file permissions on the Puppet master, ensuring that the lastrunreport.yaml file has more restrictive permissions (e.g., 0600). Regularly review Puppet configurations for any hardcoded secrets or credentials. After upgrade, confirm the fix by verifying the file permissions of lastrunreport.yaml on the Puppet master server.
Como corrigirtraduzindo…
Nenhum patch oficial disponível. Procure alternativas ou monitore atualizações.
Perguntas frequentestraduzindo…
What is CVE-2012-3866 — Information Disclosure in Puppet?
CVE-2012-3866 is a vulnerability in Puppet versions ≤2.7.9 and Puppet Enterprise before 2.5.2 that allows local users to read sensitive configuration data from the lastrunreport.yaml file due to incorrect file permissions.
Am I affected by CVE-2012-3866 in Puppet?
You are affected if you are running Puppet versions 2.7.x prior to 2.7.18 or Puppet Enterprise versions before 2.5.2. Check your Puppet version and upgrade if necessary.
How do I fix CVE-2012-3866 in Puppet?
Upgrade Puppet to version 2.7.18 or later, or Puppet Enterprise to version 2.5.2 or later. Restrict access to the Puppet master and ensure the lastrunreport.yaml file has secure permissions (e.g., 0600).
Is CVE-2012-3866 being actively exploited?
Currently, CVE-2012-3866 is not known to be actively exploited in the wild, but it remains a potential risk if systems are not patched.
Where can I find the official Puppet advisory for CVE-2012-3866?
Refer to the Puppet security advisory for CVE-2012-3866: https://puppet.com/security/advisories/cve-2012-3866
Seu projeto está afetado?
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Detecte esta CVE no seu projeto
Envie seu arquivo Gemfile.lock e descubra na hora se você está afetado.
Escaneie seu projeto Ruby agora — sem conta
Envie seu Gemfile.lock e receba o relatório de vulnerabilidades instantaneamente. Sem conta. Enviar o arquivo é só o começo: com uma conta você obtém monitoramento contínuo, alertas por Slack/e-mail, relatórios multi-projeto e white-label.
Arraste e solte seu arquivo de dependências
composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...