Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-10-25T23:00:00Z

Updated: 2024-09-16T19:52:20.128Z

Reserved: 2013-07-29T00:00:00Z

Link: CVE-2013-4965

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-10-25T23:55:04.363

Modified: 2024-11-21T01:56:48.330

Link: CVE-2013-4965

cve-icon Redhat

No data.