CVE-2013-4961

Overview

CVE-2013-4961 (Software Version Numbers Were Revealed)

  • Posted August 15, 2013

  • Assessed Risk Level: Low

The Apache and Phusion Passenger software versions used for the application are revealed by the web server in the HTTP response headers.

Displaying version information could allow an attacker to determine which vulnerabilities are present, particularly in cases involving an outdated software version with published vulnerabilities.

Status

  • Resolved in Puppet Enterprise 3.0.1.