CVE-2016-9686

The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://puppet.com/security/cve/cve-2016-9686	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:puppet:puppet_enterprise::::::::
	cpe:2.3:a:puppet:puppet_enterprise:2016.5.1:::::::*

History

No history.

Information

Published : 2017-02-08 22:59

Updated : 2024-02-04 19:11

NVD link : CVE-2016-9686

Mitre link : CVE-2016-9686

CVE.ORG link : CVE-2016-9686

JSON object : View

Products Affected

puppet

puppet_enterprise

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2016-9686", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-02-08T22:59:00.730", "references": [{"url": "https://puppet.com/security/cve/cve-2016-9686", "tags": ["Vendor Advisory"], "source": "security@puppet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2."}, {"lang": "es", "value": "El Puppet Communications Protocol (PCP) Broker valida incorrectamente tama\u00f1os de la cabecera del mensaje. Un atacante podr\u00eda utilizar \u00e9sto para bloquear el PCP Broker, evitando que se env\u00eden comandos a los agentes. \u00c9sto est\u00e1 resuelto en Puppet Enterprise 2016.4.3 y 2016.5.2."}], "lastModified": "2019-07-10T15:40:36.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26593001-EE83-42CF-931C-6D85510921DB", "versionEndExcluding": "2016.4.3", "versionStartIncluding": "2016.4.0"}, {"criteria": "cpe:2.3:a:puppet:puppet_enterprise:2016.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "299ACFD1-609F-42CA-B0E5-F7B54A1ACBC9"}], "operator": "OR"}]}], "sourceIdentifier": "security@puppet.com"}