Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PuppetPuppet Enterprise3.0.1

2 matches found

CVE
CVEadded 2014/03/09 1:16 p.m.47 views

CVE-2013-4971

Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.

5CVSS6.3AI score0.0025EPSS
CVE
CVEadded 2014/03/09 1:16 p.m.41 views

CVE-2013-4966

The master external node classification script in Puppet Enterprise before 3.2.0 does not verify the identity of consoles, which allows remote attackers to create arbitrary classifications on the master by spoofing a console.

6.4CVSS6.9AI score0.00223EPSS