Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-3408

Опубликовано: 10 июл. 2012
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat CloudForms Tools 1puppetAffected
Red Hat Enterprise MRG 1puppetWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=839166puppet: possible host impersonation when using certificates issues for IP address

EPSS

Процентиль: 49%
0.00257
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-3408

ubuntu
больше 13 лет назад

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.

nvd логотип

CVE-2012-3408

nvd
больше 13 лет назад

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.

debian логотип

CVE-2012-3408

debian
больше 13 лет назад

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet En ...

github логотип

GHSA-vxf6-w9mp-95hm

github
больше 8 лет назад

Puppet supports use of IP addresses in certnames without warning of potential risks

EPSS

Процентиль: 49%
0.00257
Низкий

2.6 Low

CVSS2