CVE-2013-4971
published 2014-03-09CVE-2013-4971: Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive…
medium5CVSS 3.1
AVNACLAuNCPINAN
Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | puppet | — | — |
| puppet | puppet_enterprise | <= 3.1.1 | — |
| puppet | puppet_enterprise | — | — |
| puppet | puppet_enterprise | — | — |
| puppet | puppet_enterprise | — | — |