CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-6516
https://notcve.org/view.php?id=CVE-2018-6516
On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation. Solo en Windows, con un archivo de configuración específicamente manipulado, un atacante podría hacer que las herramientas del cliente Puppet PE (también conocidas como pe-client-tools) en versiones 16.4.x anteriores a la 16.4.6, versiones 17.3.x anteriores a la 17.3.6 y versiones 18.1.x anteriores a la 18.1.2 carguen código arbitrario con escalado de privilegios. • https://puppet.com/security/cve/CVE-2018-6516 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6513
https://notcve.org/view.php?id=CVE-2018-6513
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an unprivileged user on Windows agents could write custom facts that can escalate privileges on the next puppet run. This was possible through the loading of shared libraries from untrusted paths. Puppet Enterprise en versiones 2016.4.x anteriores a la 2016.4.12, Puppet Enterprise 2017.3.x anteriores a la 2017.3.7, Puppet Enterprise 2018.1.x anteriores a la 2018.1.1, Puppet Agent 1.10.x anteriores a la 1.10.13, Puppet Agent 5.3.x anteriores a la 5.3.7 y Puppet Agent 5.5.x anteriores a la 5.5.2 eran vulnerables a un ataque en el que un usuario sin privilegios en los agentes de Windows podía escribir hechos personalizados para poder escalar privilegios en la ejecución del siguiente puppet. Esto era posible mediante la carga de librerías compartidas desde rutas no fiables. • https://puppet.com/security/cve/CVE-2018-6513 • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6512
https://notcve.org/view.php?id=CVE-2018-6512
The previous version of Puppet Enterprise 2018.1 is vulnerable to unsafe code execution when upgrading pe-razor-server. Affected releases are Puppet Enterprise: 2018.1.x versions prior to 2018.1.1 and razor-server and pe-razor-server prior to 1.9.0.0. Las versión anterior de Puppet Enterprise 2018.1 es vulnerable a la ejecución de código inseguro cuando se actualiza pe-razor-server. Las versiones de Puppet Enterprise afectadas son: versiones 2018.1.x anteriores a la 2018.1.1 y razor-server y pe-razor-server anteriores a la 1.9.0.0. • https://puppet.com/security/cve/CVE-2018-6512 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6511 – XSS Vulnerability in Puppet Enterprise Console
https://notcve.org/view.php?id=CVE-2018-6511
A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6. Una vulnerabilidad Cross-Site Scripting (XSS) en Puppet Enterprise Console de Puppet Enterprise permite que un usuario inyecte scripts en Puppet Enterprise Console cuando se utiliza Puppet Enterprise Console. Las versiones de Puppet Puppet Enterprise afectadas son: versiones 2017.3.x anteriores al 2017.3.6. • https://puppet.com/security/cve/CVE-2018-6511 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6510 – XSS Vulnerability in Puppet Enterprise Console
https://notcve.org/view.php?id=CVE-2018-6510
A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6. Una vulnerabilidad Cross-Site Scripting (XSS) en Puppet Enterprise Console de Puppet Enterprise permite que un usuario inyecte scripts en Puppet Enterprise Console cuando se utiliza Orchestrator. Las versiones de Puppet Puppet Enterprise afectadas son: versiones 2017.3.x anteriores al 2017.3.6. • https://puppet.com/security/cve/CVE-2018-6510 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •