CVSS 3 Base Score: 9.8Posted On: December 10, 2021Assessed Risk Level: HighContinuous Delivery for Puppet Enterprise (CD4PE) and Puppet Comply were found vulnerable to CVE-2021-44228. CD4PE was vulnerable to Remote Code Execution (RCE) and Comply was found potentially vulnerable to privilege escalation.https://nvd.nist.gov/vuln/detail/CVE-2021-44228https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rceStatus:Affected software versions:CD4PE 3.xCD4PE prior to 4.10.3Comply prior to 2.2.1Resolved in:CD4PE 4.10.3Comply 2.2.1← Back to CVE Listings