CVE-2013-4965

Overview

CVE-2013-4965 (Console account brute force vulnerability)

  • Posted October 15, 2013

  • Assessed Risk Level: Low

A user's account was not locked out after the user submitted a large number of invalid login attempts, leaving the account vulnerable to brute force attack. Now the account is locked after 10 failed attempts.

Status

  • Resolved in Puppet Enterprise 3.1.0