CVE-2018-11752

Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. These issues have been resolved in the 0.4.0 release.

References

https://puppet.com/security/cve/CVE-2018-11752