VYPR

Cisco Ios

by Puppet (software)

Source repositories

CVEs (2)

  • CVE-2018-11750MedOct 2, 2018
    risk 0.42cvss 6.5epss 0.01

    Previous releases of the Puppet cisco_ios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of cisco_ios, host key checking is enabled by default.

  • CVE-2018-11752MedOct 2, 2018
    risk 0.36cvss 5.5epss 0.00

    Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. These issues have been resolved in the 0.4.0 release.