Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-4959

Опубликовано: 20 авг. 2013
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
Версия до 3.0.0 (включая)
cpe:2.3:a:puppet:puppet_enterprise:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.3:*:*:*:*:*:*:*

EPSS

Процентиль: 18%
0.00056
Низкий

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2013-4959

ubuntu
больше 12 лет назад

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache.

debian логотип

CVE-2013-4959

debian
больше 12 лет назад

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensit ...

github логотип

GHSA-mv55-69wx-g2jm

github
больше 3 лет назад

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache.

EPSS

Процентиль: 18%
0.00056
Низкий

2.1 Low

CVSS2

Дефекты

CWE-200