Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. These issues have been resolved in the 0.4.0 release.
References
Link | Resource |
---|---|
https://puppet.com/security/cve/CVE-2018-11752 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-10-02 19:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-11752
Mitre link : CVE-2018-11752
CVE.ORG link : CVE-2018-11752
JSON object : View
Products Affected
puppet
- cisco_ios
CWE
CWE-522
Insufficiently Protected Credentials