📦

mcollective

Vendor: puppet

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 17 Total Indexed

Avg. EPSS 0.92% Exploit Prob.

Latest CVE CVE-2017-2292 Jun 30

Security Vulnerability Index

Page 1 / 2

9.0 CVSS

CVE-2017-2292

RCE

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior.

EPSS: 1.81%

Severity: CRITICAL

Jun 30, 2017

4.4 CVSS

CVE-2014-3251

The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.

EPSS: 0.03%

Severity: MEDIUM

Aug 12, 2014

Displaying 2 of 17 Total Entries

1 2

Total 2 Sections