CVE-2013-2716 (CAS Client Config Vulnerability)

  • Posted March 28, 2013

  • A vulnerability can be introduced when upgrading to Puppet Enterprise (PE) versions 2.5.0 through 2.7.2 from PE versions 1.2.x or 2.0.x. In such cases, the CAS client config file, /etc/puppetlabs/console-auth/cas_client_config.yml, is installed without a randomized secret. Consequently, an attacker could craft a cookie that the console would inappropriately accept as authorized. This issue only affects the console role.

    This issue has been resolved in PE 2.8.0. Users running older affected versions can resolve the issue by running:

    /opt/puppet/bin/rake -f /opt/puppet/share/console-auth/Rakefile console:auth:generate_secret


    • Resolved in Puppet Enterprise 2.8.0