VDB
CVE-2021-27018
CVE-2021-27018
PUBLISHED
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source.
EPSS 0.10% · 26.4th percentile
Risk Scores
EPSS Score
0.10%
26.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | puppet | 0, 5.5.10-4ubuntu3, 5.4.0-2ubuntu3 |
| Ubuntu:22.04:LTS | puppet | 0, 5.5.22-4, 5.5.22-4ubuntu0.2 |
| Ubuntu:14.04:LTS | puppet | 3.4.3-1ubuntu1.1, 3.4.3-1ubuntu1.2, 3.4.3-1ubuntu1.3 |
| Ubuntu:18.04:LTS | puppet | 5.4.0-2ubuntu3, 0, 4.10.4-2ubuntu1 |
| Ubuntu:Pro:16.04:LTS | puppet | 3.8.4-1ubuntu1, 3.7.2-5ubuntu2, 0 |
Exploit Intelligence
Timeline
- Aug 30, 2021 CVE Published
- Aug 31, 2021 EPSS Score
- Oct 28, 2021 EPSS Score
- Dec 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 21, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 20, 2022 EPSS Score
- Jun 17, 2022 EPSS Score
- Aug 15, 2022 EPSS Score
- Oct 12, 2022 EPSS Score
- Dec 9, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-27018 third-party-advisory
- https://puppet.com/security/cve/CVE-2021-27018 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-27018 third-party-advisory