Pulp
CVE-2016-3111
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running.
AnalysisAI
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. Affected products include: Pulpproject Pulp.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key. Rated medi
Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privilege
A flaw was found in the Pulp package. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low at
pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the serv
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. Rated high severity (CVSS 7.5), this vulne
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as w
Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations. Rated high sev
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable t
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary fil
pulp 2.16.x and possibly older is vulnerable to an improper path parsing. Rated medium severity (CVSS 6.5), this vulnera
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key. Rated medium severity (CVSS 5
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today