CVE-2013-4965 (Console account brute force vulnerability)

  • Posted October 15, 2013

  • Assessed Risk Level: Low

A user's account was not locked out after the user submitted a large number of invalid login attempts, leaving the account vulnerable to brute force attack. Now the account is locked after 10 failed attempts.


  • Resolved in Puppet Enterprise 3.1.0
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.