Posted October 15, 2013
Assessed Risk Level: Low
A user's account was not locked out after the user submitted a large number of invalid login attempts, leaving the account vulnerable to brute force attack. Now the account is locked after 10 failed attempts.
- Resolved in Puppet Enterprise 3.1.0