CVSS 3 Base Score:
3.7

Posted On:

Assessed Risk Level:
Low

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

Status:

Affected software versions:
  • Puppet 6.x prior to 6.4.0
  • Puppet Agent 6.x prior to 6.4.0
Resolved in:
  • Puppet 6.4.0
  • Puppet Agent 6.x prior to 6.4.0
← Back to CVE Listings