CVE-2013-4967

Priority
Description
Puppet Enterprise before 3.0.1 allows remote attackers to obtain the
database password via vectors related to how the password is "seeded as a
console parameter," External Node Classifiers, and the lack of access
control for /nodes.
Notes
sarnoldPuppet Enterprise is affected, not puppet
Package
Upstream:not-affected
More Information

Updated: 2020-03-18 22:13:30 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)