CVE-2021-27018
HIGHPuppet Remediate < 2.0.1 - Improper Certificate Validation
Title source: llmDescription
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://puppet.com/security/cve/CVE-2021-27018
Scores
CVSS v3
7.5
EPSS
0.0052
EPSS Percentile
40.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-295
Status
published
Products (1)
puppet/remediate
< 2.0.1
Published
Aug 30, 2021
Tracked Since
Feb 18, 2026