CVE-2013-1653

NONECVSS 0.0

0.0

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request.

🔗 References (14)

cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
cve@mitrehttp://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
cve@mitrehttp://secunia.com/advisories/52596
cve@mitrehttp://ubuntu.com/usn/usn-1759-1
cve@mitrehttp://www.debian.org/security/2013/dsa-2643
cve@mitrehttp://www.securityfocus.com/bid/58446
cve@mitrehttps://puppetlabs.com/security/cve/cve-2013-1653/
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52596
af854a3a-2127-422b-91ae-364da2661108http://ubuntu.com/usn/usn-1759-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2643
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/58446
af854a3a-2127-422b-91ae-364da2661108https://puppetlabs.com/security/cve/cve-2013-1653/

Is Your Infrastructure Affected by CVE-2013-1653?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1653

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1653?