CVE-2013-4971 Information

Description

Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console which allows remote attackers to obtain sensitive information via unspecified vectors.

Reference

http://puppetlabs.com/security/cve/cve-2013-4971 http://www.securitytracker.com/id/1029873