Remote Code Execution Affecting puppet package, versions >=2.7.0, <2.7.22 >=3.0.0, <3.2.2
Threat Intelligence
EPSS
22.31% (97th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUBY-PUPPET-20325
- published 28 Feb 2017
- disclosed 28 Feb 2013
- credit Puppet Labs
Introduced: 28 Feb 2013
CVE-2013-3567 Open this link in a new tabOverview
When making REST api calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. An attacker may take advantage of this to craft a YAML payload that will cause the deserialization to construct an instance of any class in the ruby process and execute code from the payload.
References
- https://github.com/puppetlabs/puppet/commit/5926d1a117a5a14a39c57754ae123f48168798d1
- https://github.com/puppetlabs/puppet/commit/79b875e941e24e6e28c594e2d102263ce63f1b9d
- https://github.com/puppetlabs/puppet/commit/b01c7287ac0b9ada04f5516afb49a81eac018130
- https://github.com/puppetlabs/puppet/commit/cb607d950b4841b956f977b32cb255c595a7b728
- https://github.com/puppetlabs/puppet/commit/ce50d4ab992efdd1edd138d2a0eb6987213dcad1
- https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
- https://web.archive.org/web/20221205043307/https://puppet.com/security/cve/cve-2013-3567/
CVSS Scores
version 3.1