Puppet Enterprise x < 2018.1.9 / 2019.x.x < 2019.0.3 Default Password Vulnerabilities
High Nessus Plugin ID 129763
SynopsisA web application running on the remote host is affected by multiple vulnerabilities.
DescriptionThe admin account is using a default password. An unauthenticated, remote attacker can exploit this gain privileged or administrator access to the system.
SolutionUpgrade to Puppet Enterprise version 2018.1.9, 2019.0.3, or later.