{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A11509AE-D08C-46AE-8D47-20E74818CBE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CA7AF7F2-94E6-4878-927B-C21631C98552", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "8FB7FA1B-B7F7-4969-80F9-6A915B513187", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.0.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "122339DA-E6C1-4F7A-8D41-28C254F3F7F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "68A51928-A68D-4A73-B6D0-D5C1DDEC6458", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E88DAC8-E363-424D-8DEF-4471A0B8BCE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "22C3FECF-C94E-4AE8-B461-BC3A3C31B723", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F5B5CAF9-9CFF-4E16-94FA-3A30457F294F", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C6C8611A-D412-4290-A549-63B927CE607E", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BE53A43-1311-4276-B6D3-A116EDD4596D", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D88EB0D2-E1BE-4A96-BFE3-EC30F6F94DEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "391B0EF3-C49C-4479-96BF-DAC83C4B7960", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E40E02A-C633-4EF1-964F-D58D6B69FF57", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"FE00E2D2-A880-4FAD-8514-68D92F45BB6E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet_server:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC4D00D8-6A01-4BE0-BD10-EDBBB716C0B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EEC046DE-8D52-475D-9FB8-833FCA324432", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "508E4ED0-42DD-4886-BF38-E1B38A8A1535", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9B03168-8F2B-4E97-8CF6-ACCD6BD5E97A", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BC34CE8-8586-4763-AB70-8D6C7E64CF87", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2D605861-8208-4051-8ABD-E6D6202BE243", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_server:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F392771-D087-4B17-9CEA-E599ECC08C38", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet_agent:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D66C57AB-F8E2-4817-8912-1D7EB4EB63FC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding."}, {"lang": "es", "value": "Puppet Server en versiones anteriores a 2.3.2 y Ruby puppetmaster en Puppet 4.x en versiones anteriores a 4.4.2 y en Puppet Agent en versiones anteriores a 1.4.2 podr\u00eda permitir a atacantes remotos eludir las restricciones destinas al acceso auth.conf aprovechando una 
decodificaci\u00f3n URL incorrecta."}], "id": "CVE-2016-2785", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-06-10T15:59:00.140", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://puppet.com/security/cve/cve-2016-2785"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201606-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://puppet.com/security/cve/cve-2016-2785"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third 
Party Advisory"], "url": "https://security.gentoo.org/glsa/201606-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}