{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-10-24T00:00:00", "descriptions": [{"lang": "en", "value": "Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka \"AltNames Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-08T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "46550", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46550"}, {"name": "USN-1238-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1238-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"}, {"name": "puppet-x509-spoofing(70970)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"}, {"name": "46578", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46578"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://puppet.com/security/cve/cve-2011-3872"}, {"name": "46934", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46934"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"}, {"name": "50356", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/50356"}, {"name": "46964", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46964"}, {"name": "USN-1238-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1238-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-3872", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka \"AltNames Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46550", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46550"}, {"name": "USN-1238-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1238-2"}, {"name": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/", "refsource": "CONFIRM", "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"}, {"name": "puppet-x509-spoofing(70970)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"}, {"name": "46578", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46578"}, {"name": "https://puppet.com/security/cve/cve-2011-3872", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2011-3872"}, {"name": "46934", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46934"}, {"name": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1", "refsource": "CONFIRM", "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"}, {"name": "50356", "refsource": "BID", "url": "http://www.securityfocus.com/bid/50356"}, {"name": "46964", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46964"}, {"name": "USN-1238-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1238-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:53:31.429Z"}, "title": "CVE Program Container", "references": [{"name": "46550", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46550"}, {"name": "USN-1238-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1238-2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"}, {"name": "puppet-x509-spoofing(70970)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"}, {"name": "46578", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46578"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://puppet.com/security/cve/cve-2011-3872"}, {"name": "46934", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46934"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"}, {"name": "50356", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/50356"}, {"name": "46964", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46964"}, {"name": "USN-1238-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1238-1"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-3872", "datePublished": "2011-10-27T20:00:00", "dateReserved": "2011-09-29T00:00:00", "dateUpdated": "2024-08-06T23:53:31.429Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BEF50EE-4E4B-4641-BA34-B5024F1EF683", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "1CC72248-FD33-4CA0-A16E-0A174A864257", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CEFB16E-261F-4B81-BCBE-536CAD2EC44B", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "652D28FC-7133-4C5F-95D9-3468548465B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "AEEEE59D-BC0E-4107-B55D-9B182825E557", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "B4ED400E-48F7-475B-A87C-A14EC63DD93D", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "D827D4C2-7438-4EDD-9025-38D46CD5153C", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "E73C341A-6C07-4820-B1D3-4616B634F380", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "61381D4C-972F-4979-84D2-793E4C60E23E", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "7D8C2A71-0277-4426-8627-D6FD275EFC62", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "3FB3C44C-2C6C-496C-9D2E-C43FFB493C42", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "AD2656B0-9606-477B-BEB3-35746218BF9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE56BA6B-BDC4-431E-81FD-D7ED5E8783E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FDDDFB28-1971-4CCD-93D2-ABC08FE67F4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "508105B4-619A-4A9D-8B2F-FE5992C1006A", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "26DB96A5-A57D-452F-A452-98B11F51CAE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1E5192CB-094F-469E-A644-2255C4F44804", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D17D2752-CB0D-4CC8-8604-FEBF8DEE16E0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0A584D14-197E-47EB-B394-B8B211D4B502", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BFF8F62F-8782-4FD2-BC14-3F9E46881F0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "36A3FDB9-F599-4999-A6B9-C82C7DAF5A70", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "41C07E3C-4F96-4B91-8B2D-09076749FF2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C1C09E3-88DB-4022-B4B4-8FEE5D9CB57B", "vulnerable": true}, {"criteria": "cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD5ED72A-0C75-4680-8283-E0AE47780B3E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka \"AltNames Vulnerability.\""}, {"lang": "es", "value": "Puppet v2.6.x antes de v2.6.12 y v2.7.x antes de v2.7.6, y Puppet Enterprise (PE) Users v1.0, v1.1, y v1.2 antes de v1.2.4, al firmar un certificado de agente, a\u00f1ade los valores de Puppet master's certdnsnames al campo X.509 Subject Alternative Name, lo que permite a atacantes remotos falsificar un Puppet master a trav\u00e9s de un ataque \"Man-in-the-middle\" contra un agente que utilice un nombre alternativo de DNS para el maestro, tambi\u00e9n conocido como \"Vulnerabilidad AltNames.\""}], "id": "CVE-2011-3872", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-10-27T20:55:01.760", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"}, {"source": "cve@mitre.org", "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46550"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46578"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/46934"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/46964"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/50356"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-1238-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-1238-2"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"}, {"source": "cve@mitre.org", "url": "https://puppet.com/security/cve/cve-2011-3872"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46550"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46578"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/46934"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/46964"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/50356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1238-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1238-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://puppet.com/security/cve/cve-2011-3872"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "puppet: MITM by the x509v3 certificate signing", "id": "748447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=748447"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:H/Au:M/C:P/I:P/A:P", "status": "draft"}, "details": ["Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka \"AltNames Vulnerability.\""], "name": "CVE-2011-3872", "package_state": [{"cpe": "cpe:/a:cloudforms_tools:1", "fix_state": "Affected", "package_name": "puppet", "product_name": "Red Hat CloudForms Tools 1"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:1", "fix_state": "Will not fix", "package_name": "puppet", "product_name": "Red Hat Enterprise MRG 1"}], "public_date": "2011-10-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-3872\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3872\nhttp://www.puppetlabs.com/security/cve/cve-2011-3872/"], "threat_severity": "Important"}