Puppet Enterprise < 2015.3.1 Information Disclosure Vulnerability
According to its self-reported version number, the Puppet install on the remote host is affected by an information disclosure vulnerability. An unauthenticated, unpriviledged remote attacker can cause a user to send jsessionid cookies in plain text, allowing the attacker the ability to potentiall...