CVE-2013-4971

MEDIUM(5.0)

AV:N/AC:L/Au:N/C:P/I:N/A:N

Risk Signal Score13/100 — NIEDRIG

CVSS 5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

Technische Schwere

Beschreibung

Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.

Referenzen

http://puppetlabs.com/security/cve/cve-2013-4971
http://www.securitytracker.com/id/1029873
http://puppetlabs.com/security/cve/cve-2013-4971
http://www.securitytracker.com/id/1029873