CVE-2013-4762

2013-08-20T22:55:00
ID CVE-2013-4762
Type cve
Reporter cve@mitre.org
Modified 2019-07-10T18:10:00

Description

Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.