Vulnerability Description
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Puppet | Puppet | <= 4.10.0 |
| Debian | Debian Linux | 8.0 |
Related Weaknesses (CWE)
References
- http://www.debian.org/security/2017/dsa-3862Third Party Advisory
- http://www.securityfocus.com/bid/98582Third Party AdvisoryVDB Entry
- https://puppet.com/security/cve/cve-2017-2295Vendor Advisory
- http://www.debian.org/security/2017/dsa-3862Third Party Advisory
- http://www.securityfocus.com/bid/98582Third Party AdvisoryVDB Entry
- https://puppet.com/security/cve/cve-2017-2295Vendor Advisory
FAQ
What is CVE-2017-2295?
CVE-2017-2295 is a vulnerability with a CVSS score of 8.2 (HIGH). Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in...
How severe is CVE-2017-2295?
CVE-2017-2295 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2295?
Check the references section above for vendor advisories and patch information. Affected products include: Puppet Puppet, Debian Debian Linux.