CVE-2013-4962 in Puppetinformación

Resumen

por MITRE

The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current password, which allows attackers to modify user passwords by leveraging session hijacking, an unattended workstation, or other vectors.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

2013-07-29

Divulgación

2013-08-20

Moderación

aceptado

Artículo

VDB-64732

CPE

listo

EPSS

0.01226

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!