Puppet Enterprise 2016.x < 2016.4.15 / 2017.x < 2017.3.10 / 2018.x < 2018.1.4 Plaintext Credential Vulnerability
Medium Nessus Plugin ID 129762
Synopsis
A web application running on the remote host is affected by multiple vulnerabilities.
Description
A plaintext credential vulnerability exists when users are configured to use startTLS with Role-Based Access Control (RBAC) Lightweight Directory Access Protocol (LDAP). An unauthenticated, remote attacker can exploit this to bypass authentication to see the users' credentials in plaintext. (CVE-2018-11749)
Solution
Upgrade to Puppet Enterprise version 2016.4.15 / 2017.3.10 / 2018.1.4 or later.