← Back

CVE-2013-1640

nvd nist
Published: Mar 20, 2013Modified: Apr 29, 2026

JSON object

Loading...
9.0
Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
Exploitability: 8.0 / Impact: 10.0
Source: NVD

Description

The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request.

Affected (9)

Puppet
2 products
Puppet
Puppet Enterprise
Canonical
1 product
Ubuntu Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Puppet
Before 2.6.18
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Puppet
From 2.7.0 to 2.7.21
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Puppet
Version 3.1.0
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Puppet Enterprise
Before 1.2.7
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Puppet
Puppet Enterprise
Version 2.7.0
Puppet Enterprise
Version 2.7.1
Configuration F
3 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 11.10
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 12.10

References (14)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.