admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2013/CVE-2013-16xx/CVE-2013-1653.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

359 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2013-1653",
"sourceIdentifier": "cve@mitre.org",
"published": "2013-03-20T16:55:01.770",
"lastModified": "2019-07-10T18:02:39.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"evaluatorImpact": "per http://www.ubuntu.com/usn/usn-1759-1/\r\n\"A security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n Ubuntu 12.10\r\n Ubuntu 12.04 LTS\r\n Ubuntu 11.10\"",
"descriptions": [
{
"lang": "en",
"value": "Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the \"run\" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request."
},
{
"lang": "es",
"value": "Puppet anterior a v2.6.18, v2.7.x anterior a v2.7.21, y v3.1.x anterior a v3.1.1, y Puppet Enterprise anterior a v1.2.7 y v2.7.x anterior a v2.7.2, cuando la espera de conexiones entrantes est\u00e1 activado y permiten el acceso al REST \"run\", permiten a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de un solicitud HTTP especialmente dise\u00f1ada."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndIncluding": "2.6.17",
"matchCriteriaId": "1D8BF85B-0874-4FFC-885C-90615BF158F3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE56BA6B-BDC4-431E-81FD-D7ED5E8783E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDDFB28-1971-4CCD-93D2-ABC08FE67F4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "508105B4-619A-4A9D-8B2F-FE5992C1006A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "26DB96A5-A57D-452F-A452-98B11F51CAE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D33AF704-FA05-4EA8-BE95-0177871A810F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "390FC5AE-4939-468C-B323-6B4E267A0F4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE4213-E233-402E-88C2-B7FF8D7B682C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4122D8E3-24AD-4A55-9F89-C3AAD50E638D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6D6B90-62BA-4944-A699-6D7C48AFD0A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC6A7B3-5949-4439-994A-68DA65438F5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5140C34D-589C-43DB-BCA7-8434EB173205"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E561C081-6262-46D3-AB17-01EEA6D3E988"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4703802D-0E3A-4760-B660-6AE0AF74DD40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.16:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3D39F6-F9C8-4E7F-981A-265B04E85579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.17:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBB3936-7A81-4BD9-80B2-3F614980BBCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet:2.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A1EABC0F-A7A6-4C28-9331-3EEB6D39A0C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5192CB-094F-469E-A644-2255C4F44804"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D17D2752-CB0D-4CC8-8604-FEBF8DEE16E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.19:*:*:*:*:*:*:*",
"matchCriteriaId": "29BBE8DB-8560-4A57-9BCB-D709A697ECDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "10E0543B-5B1D-4522-945D-98BD63380500"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "817AB37A-F7B0-4E68-B10A-9E4A358793F3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFF3B0A-2C66-445A-BB5C-136DCAA584FE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "06B3281A-202F-4FA5-8E8A-110294015624"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.1:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "07659CE1-D808-4A1C-A722-88E1901CA3F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "7F22BF6C-0463-4D09-BF05-0858D4746339"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.1:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "71A9603C-0E37-4413-88D4-733A803BB4FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.2:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "5563BBE9-AEFA-42BC-801A-AD7C449BF84A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.3:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "A0ACD643-638D-40C6-A66A-EC0D05E2608E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.4:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "38DDC70F-C49B-471B-B7DC-890E39BB7E0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.5:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "CECE879D-F055-401A-9E8B-0E7620AF357C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppetlabs:puppet:1.2.6:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "2F9ACC49-1E6E-4847-8AAA-F3D8E33811E9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3227E6D-27C8-4D6C-A9B7-713558FD9947"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3153F6B2-9CB2-4A1D-834B-33820EC8F0A0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/52596",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://ubuntu.com/usn/usn-1759-1",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2013/dsa-2643",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/58446",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://puppetlabs.com/security/cve/cve-2013-1653/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink