Vulnerability Database

Published: Nov 7, 2023
Updated: Nov 16, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-5309" target="_blank" rel="noopener"> CVE-2023-5309
Severity: Critical
Exploit:

296,746

Total vulnerabilities in the database

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
puppet / puppet_enterprise	2023.0	2023.5.0
puppet / puppet_enterprise	-	2021.7.6

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.