Arbitrary File Write Vulnerability in mcollective-sshkey-security Plugin

Arbitrary File Write Vulnerability in mcollective-sshkey-security Plugin

CVE-2017-2298 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem".

Learn more about our Cis Benchmark Audit For Server Software.