CVE-2021-27018 - Incorrect Certificate Validation

  • Posted April 15, 2021

  • Assessed Risk Level: Medium

  • CVSS 3.1 Base Score: 6.3

The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source.

Status:

Affected software versions:

  • Puppet Remediate prior to 2.0 (Tenable.sc users only)

Resolved in:

  • Puppet Remediate 2.0
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.