Lucene search

Ubuntu.comUB:CVE-2013-4961

HistoryAug 20, 2013 - 12:00 a.m.

CVE-2013-4961

2013-08-2000:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.6%

JSON

Puppet Enterprise before 3.0.1 includes version information for the Apache
and Phusion Passenger products in its HTTP response headers, which allows
remote attackers to obtain sensitive information.

Notes

Author	Note
seth-arnold	Puppet Enterprise is affected, not puppet

References

puppetlabs.com/security/cve/cve-2013-4961/

launchpad.net/bugs/cve/CVE-2013-4961

nvd.nist.gov/vuln/detail/CVE-2013-4961

security-tracker.debian.org/tracker/CVE-2013-4961

www.cve.org/CVERecord?id=CVE-2013-4961

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.6%

JSON

Related for UB:CVE-2013-4961