CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11750

Previous releases of the Puppet cisco_ios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of cisco_ios, host key checking is enabled by default.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.2%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://puppet.com/security/cve/CVE-2018-11750
https://exchange.xforce.ibmcloud.com/vulnerabilities/150978
https://puppet.com/security/cve/CVE-2018-11750

Products affected by CVE-2018-11750

Puppet » Cisco Ios Module » Version: Any

cpe:2.3:a:puppet:cisco_ios_module:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11750

Products

Pricing

Contact Us