CVE-2018-6516

EUVD-2018-18272
On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.8 HIGH | LOCAL | LOW | NONE | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
EPSS Score percentile: 43%
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| puppet | puppet_enterprise_client_tools | 16.4.0 ≤ 𝑥 < 16.4.6 |
| puppet | puppet_enterprise_client_tools | 17.3.0 ≤ 𝑥 < 17.3.6 |
| puppet | puppet_enterprise_client_tools | 18.1.0 ≤ 𝑥 < 18.1.2 |

𝑥 = Vulnerable software versions
Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| puppet | bullseye | 5.5.22-2 | fixed |
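Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| puppet | artful | ignored |
| puppet | bionic | not-affected |
| puppet | cosmic | not-affected |
| puppet | disco | not-affected |
| puppet | trusty | not-affected |
| puppet | xenial | not-affected |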