PT-2018-17602 · Puppet · Puppet Agent+1
Published
2018-06-11
·
Updated
2022-01-24
·
CVE-2018-6513
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Puppet Enterprise versions 2016.4.x through 2016.4.11
Puppet Enterprise versions 2017.3.x through 2017.3.6
Puppet Enterprise versions 2018.1.x through 2018.1.0
Puppet Agent versions 1.10.x through 1.10.12
Puppet Agent versions 5.3.x through 5.3.6
Puppet Agent versions 5.5.x through 5.5.1
Description
The issue allows an unprivileged user on Windows agents to write custom facts that can escalate privileges on the next puppet run. This is possible through the loading of shared libraries from untrusted paths.
Recommendations
For Puppet Enterprise versions 2016.4.x through 2016.4.11, update to version 2016.4.12 or later.
For Puppet Enterprise versions 2017.3.x through 2017.3.6, update to version 2017.3.7 or later.
For Puppet Enterprise versions 2018.1.x through 2018.1.0, update to version 2018.1.1 or later.
For Puppet Agent versions 1.10.x through 1.10.12, update to version 1.10.13 or later.
For Puppet Agent versions 5.3.x through 5.3.6, update to version 5.3.7 or later.
For Puppet Agent versions 5.5.x through 5.5.1, update to version 5.5.2 or later.
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Puppet Agent
Puppet Enterprise