CVE-2012-5158

Name of the Vulnerable Software and Affected Versions Puppet Enterprise (PE) versions prior to 2.6.1

Description The issue allows remote authenticated users to retain access via unspecified vectors when the session secret has changed, due to improper session invalidation.

Recommendations For versions prior to 2.6.1, update to version 2.6.1 or later to resolve the issue.