2 matches found
CVE-2013-4958
Puppet Enterprise prior to version 3.0.1 is affected by CVE-2013-4958 due to not using a session timeout. This enables a local attacker with an unattended workstation to escalate privileges. The issue is described across multiple advisories (Red Hat, SUSE, Ubuntu, Debian, CVE lists) with the same...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...