Default TLS Certificate Vulnerability in Puppet Discovery
CVE-2018-11747 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container. In version 1.4.0, a unique certificate will be generated on installation or the user will be able to provide their own TLS certificate for ingress.
Learn more about our Cis Benchmark Audit For Nginx.