{"id":"CVE-2017-2299","details":"Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_dir` parameter, a default will be provided for the `ssl_certs_dir` that will trust certificates from any of the system-trusted certificate authorities. This did not affect FreeBSD.","modified":"2026-04-10T03:59:08.434557Z","published":"2017-09-15T18:29:00.260Z","references":[{"type":"ADVISORY","url":"https://puppet.com/security/cve/CVE-2017-2299"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100859"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/puppetlabs/puppetlabs-apache","events":[{"introduced":"0"},{"last_affected":"2ab694619b08650e36f9ae2eaeb8c03769307c37"},{"introduced":"0"},{"last_affected":"66d5ce9aef8ef6c589a36323bba2879dd0d66fd1"},{"introduced":"0"},{"last_affected":"b18fad908fe7cb8fbc6604fde1962c85540095f4"},{"introduced":"0"},{"last_affected":"39a6e2ee1f6059225729a78bbb57e2200ab78caa"},{"introduced":"0"},{"last_affected":"ac4673aa6f43c456ec21d8f773cdf8127eab7ed4"},{"introduced":"0"},{"last_affected":"185ec051db623d47c0cd4bce4afffa29aa1b18d2"},{"introduced":"0"},{"last_affected":"83401079053dca11d61945bd9beef9ecf7576cbf"},{"introduced":"0"},{"last_affected":"1f1cffcff00fde938033323757a00fdee1d134bd"},{"introduced":"0"},{"last_affected":"97b5594ffd3b7fec169f807d3dee07cb094982a5"},{"introduced":"0"},{"last_affected":"7aff8652358180309ef6964fbb406b5e71e9949c"},{"introduced":"0"},{"last_affected":"5a45cf170c3b9abb44cf4a9adade2752e2159b7f"},{"introduced":"0"},{"last_affected":"d00631cd8339b5f0e171c9351a26a0cb6014476c"},{"introduced":"0"},{"last_affected":"212e09d383c7382aa269e8c00e5c20c1c3808b2d"},{"introduced":"0"},{"last_affected":"173967ab8dd21a93d6f2b47ff2641d0092f729b1"},{"introduced":"0"},{"last_affected":"bd328556a533e046b3c32cbc7751b768d18af512"},{"introduced":"0"},{"last_affected":"e4ec6d4985fdb23e26c809e0d5786823d0689f90"},{"introduced":"0"},{"last_affected":"34d5a2aacc7a085463284acdbe9ce676332fa6b6"},{"introduced":"0"},{"last_affected":"fcc73608e0daa8b3856488c0f7ef29b715b49ef2"},{"introduced":"0"},{"last_affected":"883ca3a226233563fcaf4f17bd1afe22eb1715b0"},{"introduced":"0"},{"last_affected":"3d5bb6375d10cf55b2090bab81dd3f35cfcff7a2"},{"introduced":"0"},{"last_affected":"f7946501ddb68e0057b5dc3272657bea891639e5"},{"introduced":"0"},{"last_affected":"ce48f577e38baed14d348c6a6ed71a6cd54398ea"},{"introduced":"0"},{"last_affected":"d76699aa0be710f2063a9172cf32536a547888f9"},{"introduced":"0"},{"last_affected":"410309f5facd0df7d836ea66c27ca9514031b6e3"},{"introduced":"0"},{"last_affected":"91bed86590382beb85707025fb7570284a5965a1"},{"introduced":"0"},{"last_affected":"349d4f910c58b08da452f7d08e6e7e6d79c238e9"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.0.4"},{"introduced":"0"},{"last_affected":"0.4.0"},{"introduced":"0"},{"last_affected":"0.6.0"},{"introduced":"0"},{"last_affected":"0.7.0"},{"introduced":"0"},{"last_affected":"0.8.0"},{"introduced":"0"},{"last_affected":"0.8.1"},{"introduced":"0"},{"last_affected":"0.9.0"},{"introduced":"0"},{"last_affected":"0.10.0"},{"introduced":"0"},{"last_affected":"0.11.0"},{"introduced":"0"},{"last_affected":"1.0.0"},{"introduced":"0"},{"last_affected":"1.0.1"},{"introduced":"0"},{"last_affected":"1.1.0"},{"introduced":"0"},{"last_affected":"1.1.1"},{"introduced":"0"},{"last_affected":"1.2.0"},{"introduced":"0"},{"last_affected":"1.3.0"},{"introduced":"0"},{"last_affected":"1.4.0"},{"introduced":"0"},{"last_affected":"1.4.1"},{"introduced":"0"},{"last_affected":"1.5.0"},{"introduced":"0"},{"last_affected":"1.6.0"},{"introduced":"0"},{"last_affected":"1.7.0"},{"introduced":"0"},{"last_affected":"1.7.1"},{"introduced":"0"},{"last_affected":"1.8.0"},{"introduced":"0"},{"last_affected":"1.8.1"},{"introduced":"0"},{"last_affected":"1.10.0"},{"introduced":"0"},{"last_affected":"1.11.0"},{"introduced":"0"},{"last_affected":"2.0.0"}]}}],"versions":["0.0.4","0.1.0","0.1.1","0.1.2","0.10.0","0.11.0","0.2.0","0.2.1","0.2.2","0.3.0","0.4.0","0.6.0","0.7.0","0.8.0","0.8.1","0.9.0","1.0.0","1.0.1","1.1.0","1.1.1","1.10.0","1.11.0","1.2.0","1.3.0","1.4.0","1.4.1","1.5.0","1.6.0","1.7.0","1.7.1","1.8.0","1.8.1","2.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2299.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}