Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5309

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations.

Published

2023-11-07T19:15:12.503

Last Modified

2024-11-21T08:41:30.110

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-384
  • Type: Primary
    CWE-384
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application puppet puppet_enterprise < 2021.7.6 Yes
Application puppet puppet_enterprise < 2023.5.0 Yes
References