exploitDog

GHSA-7q8p-gpwv-hj67

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation.

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation.

Ссылки

EPSS

Процентиль: 12%

0.00041

Низкий

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2013-4958

ubuntu

больше 12 лет назад

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation.

CVE-2013-4958

nvd

больше 12 лет назад

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation.

CVE-2013-4958

debian

больше 12 лет назад

Puppet Enterprise before 3.0.1 does not use a session timeout, which m ...

EPSS

Процентиль: 12%

0.00041

Низкий

CVE ID

Дефекты

CWE-287