Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-10-25T23:00:00Z
Updated: 2024-09-16T19:52:20.128Z
Reserved: 2013-07-29T00:00:00Z
Link: CVE-2013-4965
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-10-25T23:55:04.363
Modified: 2024-11-21T01:56:48.330
Link: CVE-2013-4965
Redhat
No data.