Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE) before 2.7.1 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
Link | Resource |
---|---|
https://puppetlabs.com/security/cve/cve-2013-1399 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-14T16:00:00
Updated: 2014-03-14T15:57:01
Reserved: 2013-01-17T00:00:00
Link: CVE-2013-1399
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-03-14T16:55:04.660
Modified: 2019-07-10T18:02:35.610
Link: CVE-2013-1399
JSON object: View
Redhat Information
No data.
CWE