Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2016-5716 |
CWE-ID | CWE-134 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Puppet Enterprise (Client/Desktop applications / Software for system administration) |
Vendor | Puppet Labs |
Security Bulletin
This security bulletin contains one high-risk vulnerability.
EUVDB-ID: #VU38511
Risk: High
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-5716
CWE-ID: CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
Description
The vulnerability allows a remote authenticated user to execute arbitrary code.
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allow remote code execution on the console node.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Puppet Enterprise: 2015.2.0 - 2016.2.1
CPE2.3
External links
https://puppet.com/security/cve/pe-console-oct-2016
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.