CVE-2013-4961

Опубликовано: 20 авг. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information.

Ссылки

http://puppetlabs.com/security/cve/cve-2013-4961/
Vendor Advisory
http://puppetlabs.com/security/cve/cve-2013-4961/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*

Версия до 3.0.0 (включая)

cpe:2.3:a:puppet:puppet_enterprise:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:puppet:puppet_enterprise:2.5.2:*:*:*:*:*:*:*

cpe:2.3:a:puppet:puppet_enterprise:2.8.0:*:*:*:*:*:*:*

cpe:2.3:a:puppet:puppet_enterprise:2.8.1:*:*:*:*:*:*:*

cpe:2.3:a:puppet:puppet_enterprise:2.8.2:*:*:*:*:*:*:*

cpe:2.3:a:puppet:puppet_enterprise:2.8.3:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2013-4961

ubuntu

больше 12 лет назад

Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information.

CVE-2013-4961

debian

больше 12 лет назад

Puppet Enterprise before 3.0.1 includes version information for the Ap ...

GHSA-qxqc-6rp4-9rh5

github

больше 3 лет назад

Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information.

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200