CVE-2013-4964 in Puppetinfo

Zusammenfassung

von MITRE

Puppet Enterprise before 3.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservieren

29.07.2013

Veröffentlichung

20.08.2013

Moderieren

akzeptiert

Eintrag

VDB-64733

CPE

bereit

EPSS

0.01618

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!