CVE-2013-4959

Name of the Vulnerable Software and Affected Versions Puppet Enterprise versions prior to 3.0.1

Description The issue allows local users to potentially obtain sensitive information, including host name, MAC address, and SSH keys, via the web browser cache due to HTTP responses not having the "no-cache" setting.

Recommendations For versions prior to 3.0.1, update to version 3.0.1 or later to resolve the issue.