CVE-2017-2292
N/A
N/A
Summary
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Puppet | mcollective, Puppet, Puppet Enterprise | Puppet Enterprise prior to 2016.4.5, Puppet Enterprise 2016.5.x, Puppet Enterprise 2017.1.x, Puppet Agent prior to 1.10.1 | affected |
Weaknesses
- Remote Code Execution Via YAML Deserialization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.