CVE-2011-3848

Name of the Vulnerable Software and Affected Versions Puppet versions 2.6.x through 2.6.9 Puppet versions 2.7.x through 2.7.3

Description The issue allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations. This can be achieved via a double-encoded key parameter in the URI in version 2.7.x, or through the CN in the Subject of a CSR in versions 2.6 and 0.25. Additionally, there are multiple vulnerabilities in the Puppet package that can lead to breaches of confidentiality, integrity, and availability of protected information, which can be exploited locally.

Recommendations For Puppet versions 2.6.x through 2.6.9, update to version 2.6.10 or later. For Puppet versions 2.7.x through 2.7.3, update to version 2.7.4 or later. As a temporary workaround, consider restricting access to the key parameter in the URI and the CN in the Subject of a CSR to minimize the risk of exploitation.