Puppet Enterprise 2018.x < 2018.1.1 Code Execution Vulnerability
High Nessus Plugin ID 129761
SynopsisA web application running on the remote host is affected by a code execution vulnerability.
DescriptionAccording to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2018.1.1. It is, therefore, affected by a code execution vulnerability when upgrading the pe-razor-server component.
SolutionUpgrade to Puppet Enterprise version 2018.1.1 or later.