Vulnerability CVE-2020-7942

Vulnerability Name:

CVE-2020-7942 (CCN-176564)

Assigned:

2020-02-18

Published:

2020-02-18

Updated:

2021-12-30

Summary:

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-295

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2020-7942

Source: XF
Type: UNKNOWN
puppet-cve20207942-info-disc(176564)

Source: CCN
Type: Puppet Web site
CVE-2020-7942 - Arbitrary Catalog Retrieval in Puppet

Source: CONFIRM
Type: Vendor Advisory
https://puppet.com/security/cve/CVE-2020-7942/

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-7942

Vulnerable Configuration:

Configuration 1:

cpe:/a:puppet:puppet:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.19)

OR cpe:/a:puppet:puppet:*:*:*:*:*:*:*:* (Version >= 6.0.0 and < 6.13.0)

OR cpe:/a:puppet:puppet_agent:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.19)

OR cpe:/a:puppet:puppet_agent:*:*:*:*:*:*:*:* (Version >= 6.0.0 and < 6.13.0)

Configuration CCN 1:

cpe:/a:puppet:puppet:6.12.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20207942	V	CVE-2020-7942	2022-05-20
oval:org.opensuse.security:def:34013	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:34001	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:34002	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:29444	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:32985	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:14706	P	mariadb-10.2.18-1.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13846	P	hardlink-1.0-6.38 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13975	P	libvte9-0.28.2-19.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14068	P	xorg-x11-server-7.6_1.18.3-57.34 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13799	P	curl-7.37.0-31.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13882	P	libXvMC1-1.0.8-3.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14055	P	w3m-0.5.3-157.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14728	P	perl-Archive-Zip-1.34-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13863	P	libHX28-3.18-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14000	P	patch-2.7.5-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14044	P	sysvinit-tools-2.88+-96.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:30219	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:13710	P	python-pywbem-0.7.0-4.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30209	P	Security update for spice-gtk (Important)	2021-06-08
oval:org.opensuse.security:def:13732	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13702	P	ppc64-diag-2.6.9-2.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30077	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:30182	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:28961	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:29483	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:34636	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:33080	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:34477	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:30003	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:29395	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:34331	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:35530	P	clamav-0.96-0.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32850	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38349	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30802	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:28750	P	Security update for libmpfr	2020-12-01
oval:org.opensuse.security:def:33137	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29500	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:38457	P	python-cupshelpers on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33438	P	Security update for dnsmasq	2020-12-01
oval:org.opensuse.security:def:28830	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:38568	P	ctags on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37710	P	xlockmore on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30441	P	Security update for zlib (Moderate)	2020-12-01
oval:org.opensuse.security:def:34807	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:32759	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29104	P	Security update for gstreamer-0_10-plugins-base (Important)	2020-12-01
oval:org.opensuse.security:def:33526	P	Security update for w3m	2020-12-01
oval:org.opensuse.security:def:37941	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30700	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34097	P	Security update for microcode_ctl (Important)	2020-12-01
oval:org.opensuse.security:def:34231	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32771	P	perl-libwww-perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38189	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29992	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:34388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:30758	P	Security update for apache2-mod_jk (Moderate)	2020-12-01
oval:org.opensuse.security:def:28749	P	Security update for lzo	2020-12-01
oval:org.opensuse.security:def:34694	P	Security update for xorg-x11-libXfixes	2020-12-01
oval:org.opensuse.security:def:31478	P	Security update for puppet (Moderate)	2020-12-01
oval:org.opensuse.security:def:33381	P	Security update for clamsap (Moderate)	2020-12-01
oval:org.opensuse.security:def:28761	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:38524	P	xorg-x11-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30355	P	Security update for w3m (Moderate)	2020-12-01
oval:org.opensuse.security:def:34782	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:29047	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:33487	P	Security update for libpoppler4	2020-12-01
oval:org.opensuse.security:def:39248	P	Security update for puppet (Moderate)	2020-12-01
oval:org.opensuse.security:def:37805	P	gpgme on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30651	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:35489	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29341	P	Security update for SUSE Manager Client Tools (Critical)	2020-12-01
oval:org.opensuse.security:def:33593	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32760	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38099	P	xfsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29991	P	Security update for libtasn1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30739	P	Security update for a2ps	2020-12-01
oval:org.opensuse.security:def:38408	P	libz1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31440	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:33224	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29544	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:37709	P	xinetd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38496	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30298	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:34743	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:39206	P	libpolkit0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37721	P	SuSEfirewall2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30596	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:34851	P	Security update for bsdtar (Important)	2020-12-01
oval:org.opensuse.security:def:29188	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:33549	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:38042	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34233	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:34271	P	Security update for puppet (Moderate)	2020-12-01

BACK