CVE-2013-4961

Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.5.2:*:*:*:*:*:*:*

Information

Published : 2013-08-20 15:55

Updated : 2019-07-10 11:10


NVD link : CVE-2013-4961

Mitre link : CVE-2013-4961


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

puppet

  • puppet_enterprise