Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities found for Firewall Module by Puppet

    CVE-2022-0675 (GCVE-0-2022-0675)

    Vulnerability from nvd – Published: 2022-03-02 21:00 – Updated: 2024-08-02 23:40
    VLAI
    Title
    Puppet Firewall Module May Leave Unmanaged Rules
    Summary
    In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Puppet Firewall Module Affected: prior to 3.4.0 , < 3.4.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:40:03.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://puppet.com/security/cve/CVE-2022-0675"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Firewall Module",
              "vendor": "Puppet",
              "versions": [
                {
                  "lessThan": "3.4.0",
                  "status": "affected",
                  "version": "prior to 3.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1289",
                  "description": "CWE-1289",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-02T21:00:59.000Z",
            "orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
            "shortName": "puppet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://puppet.com/security/cve/CVE-2022-0675"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Puppet Firewall Module May Leave Unmanaged Rules",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@puppet.com",
              "ID": "CVE-2022-0675",
              "STATE": "PUBLIC",
              "TITLE": "Puppet Firewall Module May Leave Unmanaged Rules"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Firewall Module",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "prior to 3.4.0",
                                "version_value": "3.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Puppet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-1289"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://puppet.com/security/cve/CVE-2022-0675",
                  "refsource": "MISC",
                  "url": "https://puppet.com/security/cve/CVE-2022-0675"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
        "assignerShortName": "puppet",
        "cveId": "CVE-2022-0675",
        "datePublished": "2022-03-02T21:00:59.000Z",
        "dateReserved": "2022-02-17T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:40:03.173Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-0675 (GCVE-0-2022-0675)

    Vulnerability from cvelistv5 – Published: 2022-03-02 21:00 – Updated: 2024-08-02 23:40
    VLAI
    Title
    Puppet Firewall Module May Leave Unmanaged Rules
    Summary
    In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Puppet Firewall Module Affected: prior to 3.4.0 , < 3.4.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:40:03.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://puppet.com/security/cve/CVE-2022-0675"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Firewall Module",
              "vendor": "Puppet",
              "versions": [
                {
                  "lessThan": "3.4.0",
                  "status": "affected",
                  "version": "prior to 3.4.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1289",
                  "description": "CWE-1289",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-02T21:00:59.000Z",
            "orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
            "shortName": "puppet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://puppet.com/security/cve/CVE-2022-0675"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Puppet Firewall Module May Leave Unmanaged Rules",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@puppet.com",
              "ID": "CVE-2022-0675",
              "STATE": "PUBLIC",
              "TITLE": "Puppet Firewall Module May Leave Unmanaged Rules"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Firewall Module",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "prior to 3.4.0",
                                "version_value": "3.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Puppet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-1289"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://puppet.com/security/cve/CVE-2022-0675",
                  "refsource": "MISC",
                  "url": "https://puppet.com/security/cve/CVE-2022-0675"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
        "assignerShortName": "puppet",
        "cveId": "CVE-2022-0675",
        "datePublished": "2022-03-02T21:00:59.000Z",
        "dateReserved": "2022-02-17T00:00:00.000Z",
        "dateUpdated": "2024-08-02T23:40:03.173Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }