Puppet Enterprise Console Login Authentication Bypass Vulnerability

Puppet Enterprise is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to bypass the authentication and gain unauthorized access to a user's account on the affected application using brute-force attacks. Successfully exploiting this issue may lead to further attacks.

Versions prior to Puppet Enterprise 3.1.0 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus