CVE-2011-5098

EUVD-2011-4998
chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote authenticated users to bypass intended access restrictions by leveraging read permission for the validation key and executing a knife client create command with the --admin option.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Affected Products (NVD)
VendorProductVersion
opscodechef
𝑥
≤ 0.9.18
opscodechef
0.5.1
opscodechef
0.5.2
opscodechef
0.5.4
opscodechef
0.5.6
opscodechef
0.6.0
opscodechef
0.6.2
opscodechef
0.7.2
opscodechef
0.7.4
opscodechef
0.7.6
opscodechef
0.7.8
opscodechef
0.7.10
opscodechef
0.7.12
opscodechef
0.7.14
opscodechef
0.8.2
opscodechef
0.8.4
opscodechef
0.8.6
opscodechef
0.8.8
opscodechef
0.8.10
opscodechef
0.8.12
opscodechef
0.8.14
opscodechef
0.8.16
opscodechef
0.9.0
opscodechef
0.9.2
opscodechef
0.9.4
opscodechef
0.9.6
opscodechef
0.9.8
opscodechef
0.9.10
opscodechef
0.9.12
opscodechef
0.9.14
opscodechef
0.9.16
opscodechef
0.10.0
opscodechef
0.10.2
opscodechef
0.10.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chef
hardy
dne
lucid
ignored
natty
ignored
oneiric
ignored
precise
dne
quantal
not-affected
raring
not-affected
saucy
not-affected
chef-server-api
hardy
dne
lucid
dne
natty
dne
oneiric
dne
precise
dne
quantal
not-affected
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://tickets.opscode.com/browse/CHEF-2649
https://github.com/opscode/chef/commit/33f0e9c58bbf047e1b401a834f3abfe72d9a8947
http://tickets.opscode.com/browse/CHEF-2649
https://github.com/opscode/chef/commit/33f0e9c58bbf047e1b401a834f3abfe72d9a8947