Miggo Logo

CVE-2021-27023: Unsafe HTTP Redirect in Puppet Agent and Puppet Server

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.49357%
CWE
-
Published
12/2/2021
Updated
5/4/2023
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
puppetrubygems>= 7.0.0, < 7.12.17.12.1
puppetrubygems< 6.25.16.25.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability description indicates unsafe handling of HTTP redirects similar to CVE-2018-1000007, which involved leaking credentials via redirects. Puppet's HTTP client would have needed a method to handle redirects, and the patched versions (6.25.1/7.12.1) likely added host validation and header stripping in this redirect handling logic. The function name and path are inferred from Puppet's code structure and Ruby HTTP client patterns, though exact implementation details are unavailable.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *l*w w*s *is*ov*r** in Pupp*t ***nt *n* Pupp*t S*rv*r t**t m*y r*sult in * l**k o* *TTP *r***nti*ls w**n *ollowin* *TTP r**ir**ts to * *i***r*nt *ost. T*is is simil*r to *V*-****-*******

Reasoning

T** vuln*r**ility **s*ription in*i**t*s uns*** **n*lin* o* `*TTP` r**ir**ts simil*r to `*V*-****-*******`, w*i** involv** l**kin* *r***nti*ls vi* r**ir**ts. Pupp*t's `*TTP` *li*nt woul* **v* n***** * m*t*o* to **n*l* r**ir**ts, *n* t** p*t**** v*rsio