NotCVE - vendor:"Puppet" product:"Puppet Enterprise" version:"2023.1.0"

2 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-5309 – Broken Session Management in Puppet Enterprise

https://notcve.org/view.php?id=CVE-2023-5309

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. Las versiones de Puppet Enterprise anteriores a 2021.7.6 y 2023.5 contienen una falla que resulta en una gestión de sesiones interrumpida para las implementaciones de SAML. • https://www.puppet.com/security/cve/cve-2023-5309-broken-session-management-puppet-enterprise • CWE-384: Session Fixation •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-2530

https://notcve.org/view.php?id=CVE-2023-2530

A privilege escalation allowing remote code execution was discovered in the orchestration service. • https://www.puppet.com/security/cve/cve-2023-2530-remote-code-execution-orchestrator •