← Volver a CVEs
CVE-2018-11751
MEDIUM5.4
Descripcion
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.
Detalles CVE
Puntuacion CVSS v3.15.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/16/2019
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
puppet:puppet_server
Debilidades (CWE)
CWE-295
Referencias
https://puppet.com/security/cve/CVE-2018-11751(security@puppet.com)
https://puppet.com/security/cve/CVE-2018-11751(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.