4 matches found
CVE-2018-11751
A flaw was found in Puppet, where the Puppet Agent did not verify the peer in the SSL connection before downloading to the Certificate Revocation List CRL. The primary risk is the availability of communications to computing systems and not Puppet itself. This flaw allows an attacker to submit a...
CVE-2018-11751
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0...
CVE-2018-11751
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0...
CVE-2018-11751
CVE-2018-11751 affects Puppet Agent: older versions did not verify the SSL peer when downloading the CRL. This undermines authenticity of the CRL and can impact system communications, with the cited fix in Puppet Agent 6.4.0. Remediation: upgrade to Puppet Agent 6.4.0 or later (as indicated by mu...