The host is installed with Puppet Agent 5.5.x before 5.5.19 or 6.x.x before 6.13.0 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to handle a node in `puppet.conf` on Puppet master. Successful exploitation could allow access to everything in the infrastructure.