CVE-2014-3251
CVE-2014-3251 affects the MCollective aes_security plugin used with Puppet Enterprise before 3.3.0 and MCollective before 2.5.3. The issue is improper validation of new server certificates based on the CA certificate, allowing a local attacker to establish unauthorized MCollective connections via...