Unverified SSL Connection in Previous Versions of Puppet Agent
CVE-2018-11751 · MEDIUM Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.
Learn more about our Web Application Penetration Testing UK.