Vulnerability Details CVE-2011-3872
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.4%
CVSS Severity
CVSS v2 Score 2.6
References
- http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1
- http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
- http://secunia.com/advisories/46550
- http://secunia.com/advisories/46578
- http://secunia.com/advisories/46934
- http://secunia.com/advisories/46964
- http://www.securityfocus.com/bid/50356
- http://www.ubuntu.com/usn/USN-1238-1
- http://www.ubuntu.com/usn/USN-1238-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
- https://puppet.com/security/cve/cve-2011-3872
- http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1
- http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
- http://secunia.com/advisories/46550
- http://secunia.com/advisories/46578
- http://secunia.com/advisories/46934
- http://secunia.com/advisories/46964
- http://www.securityfocus.com/bid/50356
- http://www.ubuntu.com/usn/USN-1238-1
- http://www.ubuntu.com/usn/USN-1238-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
- https://puppet.com/security/cve/cve-2011-3872
Products affected by CVE-2011-3872
-
cpe:2.3:a:puppet:puppet:2.6.0
-
cpe:2.3:a:puppet:puppet:2.6.1
-
cpe:2.3:a:puppet:puppet:2.6.10
-
cpe:2.3:a:puppet:puppet:2.6.11
-
cpe:2.3:a:puppet:puppet:2.6.2
-
cpe:2.3:a:puppet:puppet:2.6.3
-
cpe:2.3:a:puppet:puppet:2.6.4
-
cpe:2.3:a:puppet:puppet:2.6.5
-
cpe:2.3:a:puppet:puppet:2.6.6
-
cpe:2.3:a:puppet:puppet:2.6.7
-
cpe:2.3:a:puppet:puppet:2.6.8
-
cpe:2.3:a:puppet:puppet:2.6.9
-
cpe:2.3:a:puppet:puppet:2.7.2
-
cpe:2.3:a:puppet:puppet:2.7.3
-
cpe:2.3:a:puppet:puppet:2.7.4
-
cpe:2.3:a:puppet:puppet:2.7.5
-
cpe:2.3:a:puppet:puppet_enterprise:1.2.0
-
cpe:2.3:a:puppet:puppet_enterprise:1.2.1
-
cpe:2.3:a:puppet:puppet_enterprise:1.2.2
-
cpe:2.3:a:puppet:puppet_enterprise:1.2.3
-
cpe:2.3:a:puppetlabs:puppet:2.7.0
-
cpe:2.3:a:puppetlabs:puppet:2.7.1
-
cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.0
-
cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.1