Описание
Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| lucid | ignored | end of life |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| upstream | not-affected |
Показывать по
10
5.8 Medium
CVSS2
Связанные уязвимости
nvd
больше 12 лет назад
Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.
debian
больше 12 лет назад
Puppet Enterprise before 3.0.1 does not sufficiently invalidate a sess ...
github
больше 3 лет назад
Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.
5.8 Medium
CVSS2