← voltar
CVE-2013-4962

CVE-2013-4962

EPSS 1.2%
The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current password, which allows attackers to modify user passwords by leveraging session hijacking, an unattended workstation, or other vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://puppetlabs.com/security/cve/cve-2013-4962/