CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5158

Puppet Enterprise (PE) before 2.6.1 does not properly invalidate sessions when the session secret has changed, which allows remote authenticated users to retain access via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.5%

CVSS Severity

CVSS v2 Score 4.0

References

Products affected by CVE-2012-5158

Puppet » Puppet Enterprise » Version: N/A

cpe:2.3:a:puppet:puppet_enterprise:-
Puppet » Puppet Enterprise » Version: 1.0

cpe:2.3:a:puppet:puppet_enterprise:1.0
Puppet » Puppet Enterprise » Version: 1.1

cpe:2.3:a:puppet:puppet_enterprise:1.1
Puppet » Puppet Enterprise » Version: 1.2.0

cpe:2.3:a:puppet:puppet_enterprise:1.2.0
Puppet » Puppet Enterprise » Version: 1.2.1

cpe:2.3:a:puppet:puppet_enterprise:1.2.1
Puppet » Puppet Enterprise » Version: 1.2.2

cpe:2.3:a:puppet:puppet_enterprise:1.2.2
Puppet » Puppet Enterprise » Version: 1.2.3

cpe:2.3:a:puppet:puppet_enterprise:1.2.3
Puppet » Puppet Enterprise » Version: 1.2.4

cpe:2.3:a:puppet:puppet_enterprise:1.2.4
Puppet » Puppet Enterprise » Version: 1.2.5

cpe:2.3:a:puppet:puppet_enterprise:1.2.5
Puppet » Puppet Enterprise » Version: 1.2.6

cpe:2.3:a:puppet:puppet_enterprise:1.2.6
Puppet » Puppet Enterprise » Version: 1.2.7

cpe:2.3:a:puppet:puppet_enterprise:1.2.7
Puppet » Puppet Enterprise » Version: 2.0.0

cpe:2.3:a:puppet:puppet_enterprise:2.0.0
Puppet » Puppet Enterprise » Version: 2.0.1

cpe:2.3:a:puppet:puppet_enterprise:2.0.1
Puppet » Puppet Enterprise » Version: 2.0.2

cpe:2.3:a:puppet:puppet_enterprise:2.0.2
Puppet » Puppet Enterprise » Version: 2.0.3

cpe:2.3:a:puppet:puppet_enterprise:2.0.3
Puppet » Puppet Enterprise » Version: 2.5.0

cpe:2.3:a:puppet:puppet_enterprise:2.5.0
Puppet » Puppet Enterprise » Version: 2.5.1

cpe:2.3:a:puppet:puppet_enterprise:2.5.1
Puppet » Puppet Enterprise » Version: 2.5.2

cpe:2.3:a:puppet:puppet_enterprise:2.5.2
Puppet » Puppet Enterprise » Version: 2.5.3

cpe:2.3:a:puppet:puppet_enterprise:2.5.3
Puppet » Puppet Enterprise » Version: 2.6.0

cpe:2.3:a:puppet:puppet_enterprise:2.6.0
Puppetlabs » Puppet » Version: 2.5.0

cpe:2.3:a:puppetlabs:puppet:2.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5158

Products

Pricing

Contact Us