Default TLS Certificate Vulnerability in Puppet Discovery

Default TLS Certificate Vulnerability in Puppet Discovery

CVE-2018-11747 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container. In version 1.4.0, a unique certificate will be generated on installation or the user will be able to provide their own TLS certificate for ingress.

Learn more about our Cis Benchmark Audit For Nginx.