Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2018-11747
- EPSS 0.27%
- Published 21.03.2019 16:00:11
- Last modified 21.11.2024 03:43:57
Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container. In version 1.4.0, a unique certificate will be generated on installation or the user will be able to provide their own TLS certificate for ingre...
9.8
CVE-2018-11746
- EPSS 0.23%
- Published 03.07.2018 13:29:00
- Last modified 21.11.2024 03:43:57
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available. This can expose the login credentials being used by Puppe...
1