CVSS 3 Base Score: 8.8Posted On: December 29, 2015Assessed Risk Level: High Puppet Enterprise 2015.3 contained a misconfiguration in which non-whitelisted hosts were permitted to communicate over the Puppet communications protocol and potentially control Puppet. This issue is fixed in 2015.3.1. Status:Affected software versions:Puppet Enterprise 2015.3.0Resolved in:Puppet Enterprise 2015.3.1← Back to CVE Listings