Overview

CVE-2018-11752 - Cisco IOS Module logging issue

  • Posted October 2, 2018

  • Assessed Risk Level: Medium

  • CVSS 3 Base Score: 6.5

Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. These issues have been resolved in the 0.4.0 release.

Status:

Affected software versions:

  • cisco_ios prior to 0.4.0

Resolved in:

  • cisco_ios 0.4.0