CVE-2018-11750
The CVE concerns the Puppet cisco_ios module: earlier releases did not validate the host’s identity before initiating an SSH connection. This absence of host verification could enable an attacker to perform a man‑in‑the‑middle attack by impersonating the target host. The vulnerability is mitigate...