FreeBSD : foreman-proxy SSL verification issue (c30c3a2e-4fb1-11e4-b275-14dae9d210b8)
High Nessus Plugin ID 78114
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionForeman Security reports :
The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, or performing any verification of an SSL client certificate. This permits any client with access to the API to make requests and perform actions permitting control of Puppet CA, DHCP, DNS etc.)
SolutionUpdate the affected package.