CVE-2018-11751

Опубликовано: 16 дек. 2019

Источник: nvd

CVSS3: 5.4

CVSS2: 4.8

EPSS Низкий

Описание

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

Ссылки

https://puppet.com/security/cve/CVE-2018-11751
Vendor Advisory
https://puppet.com/security/cve/CVE-2018-11751
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:*

Версия от 6.0.0 (включая) до 6.4.0 (исключая)

EPSS

Процентиль: 45%

0.00223

Низкий

5.4 Medium

CVSS3

4.8 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

CVE-2018-11751

CVSS3: 5.4

ubuntu

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

CVE-2018-11751

CVSS3: 3.7

redhat

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

CVE-2018-11751

CVSS3: 5.4

debian

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL co ...

GHSA-vvrg-mw82-38g2

github

больше 3 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

EPSS

Процентиль: 45%

0.00223

Низкий

5.4 Medium

CVSS3

4.8 Medium

CVSS2

Дефекты

CWE-295