Vulnerabilites related to saltstack - salt
Vulnerability from fkie_nvd
Published
2020-11-06 08:15
Modified
2024-11-21 05:08
Severity ?
Summary
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | 3001 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B0A54497-D7E2-4A2C-9719-4D992B296498", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "920C57AF-6E88-465A-83FA-AB947D4C6F0B", versionEndExcluding: "2016.11.6", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C45ACC11-CA9B-4451-B6DD-BD784349CDE8", versionEndExcluding: "2017.7.4", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "BD998745-FA62-4894-A4FC-767F0DE131B9", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "9747884A-8B29-42C9-BF5E-5B6D883A78E3", versionEndExcluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "D64191C4-C3D3-4615-B7D5-26ADA8BD7C7B", versionEndExcluding: "3000.3", versionStartIncluding: "3000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*", matchCriteriaId: "74CAD70E-E77C-4010-B224-CEE3968CB6A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", }, { lang: "es", value: "El módulo TLS dentro de SaltStack Salt versiones hasta 3002, crea certificados con permisos de archivo débiles", }, ], id: "CVE-2020-17490", lastModified: "2024-11-21T05:08:13.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-06T08:15:13.347", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-06 08:15
Modified
2024-11-21 05:18
Severity ?
Summary
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | 3001 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B0A54497-D7E2-4A2C-9719-4D992B296498", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "920C57AF-6E88-465A-83FA-AB947D4C6F0B", versionEndExcluding: "2016.11.6", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C45ACC11-CA9B-4451-B6DD-BD784349CDE8", versionEndExcluding: "2017.7.4", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "BD998745-FA62-4894-A4FC-767F0DE131B9", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "9747884A-8B29-42C9-BF5E-5B6D883A78E3", versionEndExcluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "D64191C4-C3D3-4615-B7D5-26ADA8BD7C7B", versionEndExcluding: "3000.3", versionStartIncluding: "3000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*", matchCriteriaId: "74CAD70E-E77C-4010-B224-CEE3968CB6A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", }, { lang: "es", value: "En SaltStack Salt versiones hasta 3002, salt-netapi comprueba inapropiadamente credenciales y tokens de eauth. Un usuario puede omitir la autenticación e invocar Salt SSH", }, ], id: "CVE-2020-25592", lastModified: "2024-11-21T05:18:10.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-06T08:15:13.503", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-08-23 14:29
Modified
2024-11-21 03:10
Severity ?
Summary
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F8DFD0A-C813-4EA5-B90D-4A05E84D7F68", versionEndIncluding: "2016.11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8F54D0CC-68F0-44E0-B565-BB9EFFE56817", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.", }, { lang: "es", value: "Una vulnerabilidad de salto de directorio en la validación minion id en SaltStack Salt en versiones anteriores a la 2016.11.7 y 2017.7.x en versiones anteriores a la 2017.7.1 permite que minions remotos con credenciales incorrectas se autentiquen en un master mediante un ID minion manipulado.", }, ], id: "CVE-2017-12791", lastModified: "2024-11-21T03:10:12.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-08-23T14:29:00.283", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100384", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", }, { source: "cve@mitre.org", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/42944", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100384", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/42944", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*", matchCriteriaId: "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to \"insecure Usage of /tmp.\"", }, { lang: "es", value: "Vulnerabilidad no especificada en salt-ssh en Salt (conocido como SaltStack) 0.17.0 tiene un impacto y vectores no especificado relacionados con \"Uso inseguro de / tmp.\"", }, ], id: "CVE-2013-4437", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:04.853", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 06:21
Severity ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones anteriores a 3002.5. El cliente ssh de salt-api es vulnerable a una inyección de shell al incluir ProxyCommand en un argumento, o por medio de ssh_options proporcionadas en una petición de API", }, ], id: "CVE-2021-3197", lastModified: "2024-11-21T06:21:07.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:14.317", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-29 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C7449317-8304-4045-AF72-CF78F207D879", versionEndExcluding: "3002.8", versionStartIncluding: "3002", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "318996F4-15C8-4721-BC68-ED3CE42ED5B3", versionEndExcluding: "3003.4", versionStartIncluding: "3003", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "174C223F-0F76-4725-BA07-E9DE35E4E8AE", versionEndExcluding: "3004.1", versionStartIncluding: "3004", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.", }, { lang: "es", value: "Se ha detectado un problema en SaltStack Salt en versiones anteriores a 3002.8, 3003.4, 3004.1. Cuando es configurado como \"Master-of-Masters\", con un publisher_acl, si un usuario configurado en el publisher_acl apunta a cualquier minion conectado al Syndic, el Maestro de Salt interpreta incorrectamente que no presenta objetivos válidos, permitiendo a usuarios configurados apuntar a cualquiera de los minions conectados al syndic con sus comandos configurados. Esto requiere un syndic master combinado con publisher_acl configurado en el Master-of-Masters, permitiendo a usuarios especificados en el publisher_acl omitir los permisos, publicando comandos autorizados a cualquier minion configurado", }, ], id: "CVE-2022-22941", lastModified: "2024-11-21T06:47:38.927", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-29T17:15:15.327", references: [ { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "security@vmware.com", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-24 22:29
Modified
2024-11-21 03:51
Severity ?
Summary
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "4606C48E-A62D-4D22-AEBC-ED19BF3B3B35", versionEndExcluding: "2017.7.8", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0EB62552-FC22-482A-9026-2D7017370B92", versionEndExcluding: "2018.3.3", versionStartIncluding: "2018.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).", }, { lang: "es", value: "SaltStack Salt en versiones anteriores a la 2017.7.8 y 2018.3.x en versiones anteriores a la 2018.3.3 permite que los atacantes remotos omitan la autenticación y ejecuten comandos arbitrarios mediante salt-api(netapi).", }, ], id: "CVE-2018-15751", lastModified: "2024-11-21T03:51:23.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-24T22:29:00.760", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/4459-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4459-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:0.15.0:*:*:*:*:*:*:*", matchCriteriaId: "1C779C5D-AF44-41B7-9F7D-F48A77C21D77", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.1:*:*:*:*:*:*:*", matchCriteriaId: "6837044F-9B5B-41D4-B8ED-878354EC95D6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.0:*:*:*:*:*:*:*", matchCriteriaId: "C8657106-9D19-4D3A-BF9F-0266FD4D5537", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.2:*:*:*:*:*:*:*", matchCriteriaId: "B38ECC74-E5D4-4798-B8B0-C11023ED2F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.3:*:*:*:*:*:*:*", matchCriteriaId: "6A3B9B09-9652-4860-949F-7A1056CAC653", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.4:*:*:*:*:*:*:*", matchCriteriaId: "9BA355D0-0CC3-4A0D-B22D-9B1EA683329F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*", matchCriteriaId: "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.", }, { lang: "es", value: "Salt (conocido como SaltStack) 0.15.0 hasta 0.17.0 permite a usuarios remotos autenticados que utilizan autenticación externa o cliente ACL ejecutar rutinas restringidas mediante la inclusión de la rutina en otra rutina.", }, ], id: "CVE-2013-4435", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:04.807", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | 0.6.0 | |
| saltstack | salt | 0.7.0 | |
| saltstack | salt | 0.8.0 | |
| saltstack | salt | 0.8.7 | |
| saltstack | salt | 0.8.8 | |
| saltstack | salt | 0.8.9 | |
| saltstack | salt | 0.9.0 | |
| saltstack | salt | 0.9.2 | |
| saltstack | salt | 0.9.3 | |
| saltstack | salt | 0.9.4 | |
| saltstack | salt | 0.9.5 | |
| saltstack | salt | 0.9.6 | |
| saltstack | salt | 0.9.7 | |
| saltstack | salt | 0.9.8 | |
| saltstack | salt | 0.9.9 | |
| saltstack | salt | 0.10.0 | |
| saltstack | salt | 0.10.2 | |
| saltstack | salt | 0.10.3 | |
| saltstack | salt | 0.10.4 | |
| saltstack | salt | 0.10.5 | |
| saltstack | salt | 0.11.0 | |
| saltstack | salt | 0.12.0 | |
| saltstack | salt | 0.13.0 | |
| saltstack | salt | 0.14.0 | |
| saltstack | salt | 0.15.0 | |
| saltstack | salt | 0.15.1 | |
| saltstack | salt | 0.16.0 | |
| saltstack | salt | 0.16.2 | |
| saltstack | salt | 0.16.3 | |
| saltstack | salt | 0.16.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "260E6DB8-376F-436C-B26F-BFE2047F6A63", versionEndIncluding: "0.17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D137A81A-6901-41FA-A2E2-D5617ECDE316", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "3018B30C-CB93-48A7-9D1B-CF92466EB8A8", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.8.0:*:*:*:*:*:*:*", matchCriteriaId: "0CF18B6E-6E0B-49FF-8735-891B22F97F9E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.8.7:*:*:*:*:*:*:*", matchCriteriaId: "59BC4B3E-B9CF-46C3-AF0E-FCEEF44300AB", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.8.8:*:*:*:*:*:*:*", matchCriteriaId: "FF6E4414-ACB4-42A5-BD17-5D90738FBA05", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.8.9:*:*:*:*:*:*:*", matchCriteriaId: "C6899D0C-54E0-4327-9242-E3E45E556ABC", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3284EB92-E086-4C03-8078-A066D9332ACC", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.2:*:*:*:*:*:*:*", matchCriteriaId: "892AFE1F-93BE-4C1A-8C65-B881EC5EE129", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.3:*:*:*:*:*:*:*", matchCriteriaId: "74EF26D5-719B-499F-904C-FEDA960465DE", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.4:*:*:*:*:*:*:*", matchCriteriaId: "D0D87AC6-C835-4912-8C23-861CDF74F33F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.5:*:*:*:*:*:*:*", matchCriteriaId: "F25E5947-CC3B-47F4-8CB7-F33B10B6CADB", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.6:*:*:*:*:*:*:*", matchCriteriaId: "8C2401BB-F0B3-46DF-8B43-697ED741078F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "9036A090-3B99-49BA-A9DE-682D91F2CCA5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.8:*:*:*:*:*:*:*", matchCriteriaId: "053C8B66-6833-485C-9AAE-059B083ED167", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.9.9:*:*:*:*:*:*:*", matchCriteriaId: "12BB4BFE-82AE-41B4-B558-9E9AF5DFCA77", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.10.0:*:*:*:*:*:*:*", matchCriteriaId: "A79ADF49-CAA1-4E0C-A1BD-96E5AAF11734", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9ECB42E6-08BC-4FD2-9454-EB8EC5746083", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.10.3:*:*:*:*:*:*:*", matchCriteriaId: "0FD5B170-EAF5-49CC-89E1-4889742CAD5E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.10.4:*:*:*:*:*:*:*", matchCriteriaId: "68776298-D458-4F17-835E-A0F9EA263675", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.10.5:*:*:*:*:*:*:*", matchCriteriaId: "FE697FF2-9938-4143-9C20-57D0A8AAE80F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.11.0:*:*:*:*:*:*:*", matchCriteriaId: "346DEA29-5CAC-4DB2-9E67-2F079CA93E96", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.12.0:*:*:*:*:*:*:*", matchCriteriaId: "470AF174-46C0-4BD3-8679-8CE1B72C96C6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.13.0:*:*:*:*:*:*:*", matchCriteriaId: "02214451-6F5C-4B8C-9C0D-570AA59EBFA4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.14.0:*:*:*:*:*:*:*", matchCriteriaId: "3D0A0404-071C-4070-8E37-68E7B401A8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.0:*:*:*:*:*:*:*", matchCriteriaId: "1C779C5D-AF44-41B7-9F7D-F48A77C21D77", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.1:*:*:*:*:*:*:*", matchCriteriaId: "6837044F-9B5B-41D4-B8ED-878354EC95D6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.0:*:*:*:*:*:*:*", matchCriteriaId: "C8657106-9D19-4D3A-BF9F-0266FD4D5537", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.2:*:*:*:*:*:*:*", matchCriteriaId: "B38ECC74-E5D4-4798-B8B0-C11023ED2F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.3:*:*:*:*:*:*:*", matchCriteriaId: "6A3B9B09-9652-4860-949F-7A1056CAC653", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.4:*:*:*:*:*:*:*", matchCriteriaId: "9BA355D0-0CC3-4A0D-B22D-9B1EA683329F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.", }, { lang: "es", value: "Salt (también conocidmo como SaltStack) anterior a la versión 0.17.1 permite a atacantes remotos ejecutar código YAML arbitrario a través de vectores sin especificar. NOTA: el proveedor afirma que esta podría no ser una vulnerabilidad porque el YAML a cargar ya se ha determinado que es seguro.", }, ], id: "CVE-2013-4438", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:04.900", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:22
Severity ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones anteriores a 3002.5. La comprobación de reinicio del minion es vulnerable a una inyección de comandos por medio de un nombre de proceso diseñado. Esto permite una escalada de privilegios local por parte de cualquier usuario capaz de crear archivos en el minion en un directorio no incluido en la lista negra", }, ], id: "CVE-2020-28243", lastModified: "2024-11-21T05:22:30.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:13.630", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/stealthcopter/CVE-2020-28243", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://sec.stealthcopter.com/cve-2020-28243/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/stealthcopter/CVE-2020-28243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://sec.stealthcopter.com/cve-2020-28243/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:54
Severity ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.", }, { lang: "es", value: "Se detectó un problema por medio de SaltStack Salt versiones anteriores a 3002.5. salt.modules.cmdmod puede registrar credenciales para el nivel de registro de información o error", }, ], id: "CVE-2021-25284", lastModified: "2024-11-21T05:54:40.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:14.037", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-17 02:15
Modified
2024-11-21 04:32
Severity ?
Summary
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.1 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "22E2FFD4-2E0A-495C-8224-B9FDCFBBDF95", versionEndIncluding: "2019.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.", }, { lang: "es", value: "En SaltStack Salt hasta 2019.2.0, la API NET de salt-api con el cliente ssh habilitado es vulnerable a la inyección de comandos. Esto permite que un atacante no autenticado con acceso de red al punto final de la API ejecute código arbitrario en el host salt-api.", }, ], id: "CVE-2019-17361", lastModified: "2024-11-21T04:32:10.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-17T02:15:11.493", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commits/master", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commits/master", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-07 17:59
Modified
2024-11-21 03:01
Severity ?
Summary
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/11/25/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/11/25/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/94553 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/11/25/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/11/25/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94553 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "601AD350-4B5C-4987-8B88-25CBB8B070EC", versionEndIncluding: "2015.8.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.", }, { lang: "es", value: "Salt en versiones anteriores a 2015.8.11 permite a minions eliminados para leer o escribir minions con el mismo id, relacionado con el almacenamiento en caché.", }, ], id: "CVE-2016-9639", lastModified: "2024-11-21T03:01:33.433", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-07T17:59:00.617", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94553", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:54
Severity ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.", }, { lang: "es", value: "Se detectó un problema por medio de SaltStack Salt versiones anteriores a 3002.5. El método salt.wheel.pillar_roots.write es vulnerable a un salto de directorios", }, ], id: "CVE-2021-25282", lastModified: "2024-11-21T05:54:40.447", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:13.910", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-26 14:29
Modified
2024-11-21 03:27
Severity ?
Summary
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | Release Notes, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5135EC7D-6FA9-4F57-A282-5F8DA85E8C18", versionEndIncluding: "2015.8.12", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.0:*:*:*:*:*:*:*", matchCriteriaId: "45FAF769-AFAC-4235-916C-F6EDA3CD1CA6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.1:*:*:*:*:*:*:*", matchCriteriaId: "458E57E7-BF82-4863-B4E4-F39754B6665F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.2:*:*:*:*:*:*:*", matchCriteriaId: "5C015342-15C6-4970-9137-10F900962159", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2D2868E1-D6E6-4EBC-8330-6603D93C8EB7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.4:*:*:*:*:*:*:*", matchCriteriaId: "BD78645D-A0ED-4B22-982E-A65C016D7384", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*", matchCriteriaId: "F5B7EDF4-414F-429A-BD20-0B967737598C", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*", matchCriteriaId: "594339CF-8192-425D-9C8C-AA51342D9477", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E54FADCE-5311-4C8A-9527-1623F9AAC69E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.", }, { lang: "es", value: "salt-api en SaltStack Salt en versiones anteriores a la 2015.8.13, las versiones 2016.3.x anteriores a 2016.3.5 y las versiones 2016.11.x anteriores a 2016.11.2 permite la ejecución arbitraria de comandos en un salt_master mediante el ssh_client de Salt.", }, ], id: "CVE-2017-5200", lastModified: "2024-11-21T03:27:15.590", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-26T14:29:00.597", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-08 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| microsoft | windows | - | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB901A07-AF79-42E0-882F-2F5425358EA8", versionEndExcluding: "3000.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\\salt\\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones anteriores a 3003.3. El instalador de minions de Salt aceptará y usará un archivo de configuración de minions en C:\\salt\\conf si ese archivo está en su lugar antes de que se ejecute el instalador. Esto permite a un actor malicioso subvertir el comportamiento adecuado del software minion dado", }, ], id: "CVE-2021-22004", lastModified: "2024-11-21T05:49:25.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-08T15:15:12.723", references: [ { source: "security@vmware.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "security@vmware.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "security@vmware.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 06:20
Severity ?
Summary
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)", }, { lang: "es", value: "En SaltStack Salt versiones anteriores a 3002.5, los tokens de eauth pueden ser usados una vez después de su vencimiento. (Pueden ser usados para ejecutar un comando contra el maestro de sal o los minions)", }, ], id: "CVE-2021-3144", lastModified: "2024-11-21T06:20:58.993", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:14.113", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-30 17:15
Modified
2025-04-03 19:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| vmware | application_remote_collector | 7.5.0 | |
| vmware | application_remote_collector | 8.0.0 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SaltStack Salt Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5861CF02-E8F5-494E-8F51-5AB233260828", versionEndExcluding: "2019.2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "E84C993E-1C6B-4984-9552-4A76A1FE3EF2", versionEndExcluding: "3000.2", versionStartIncluding: "3000", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:application_remote_collector:7.5.0:*:*:*:*:*:*:*", matchCriteriaId: "96DB76F8-036A-4401-B926-9B5156E032C1", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:application_remote_collector:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4C3F42E7-CB56-4287-B09F-C5528B97EB7C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.", }, { lang: "es", value: "Se ha descubierto un fallo de salto de archivo en todas las versiones de ansible-engine 2.9.x anteriores a la versión 2.9.7, cuando se ejecuta una instalación de una colección ansible-galaxy. Al extraer un archivo .tar.gz de la colección, el directorio es creado sin sanear el nombre del archivo. Un atacante podría aprovechar para sobrescribir cualquier archivo dentro del sistema.", }, ], id: "CVE-2020-11651", lastModified: "2025-04-03T19:44:09.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-04-30T17:15:12.143", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-30 17:15
Modified
2025-04-03 19:52
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| blackberry | workspaces_server | * | |
| blackberry | workspaces_server | * | |
| blackberry | workspaces_server | 9.1.0 | |
| vmware | application_remote_collector | 7.5.0 | |
| vmware | application_remote_collector | 8.0.0 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SaltStack Salt Path Traversal Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5861CF02-E8F5-494E-8F51-5AB233260828", versionEndExcluding: "2019.2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "E84C993E-1C6B-4984-9552-4A76A1FE3EF2", versionEndExcluding: "3000.2", versionStartIncluding: "3000", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:blackberry:workspaces_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C5B41060-E2BF-4C6B-9058-1A4C29D4B922", versionEndIncluding: "7.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:blackberry:workspaces_server:*:*:*:*:*:*:*:*", matchCriteriaId: "1E2E34D6-A5DA-497C-8019-4B41BFD0E726", versionEndIncluding: "8.2.6", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:blackberry:workspaces_server:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F418742F-5FCB-49ED-AD0D-DFDFF6AFA01D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:application_remote_collector:7.5.0:*:*:*:*:*:*:*", matchCriteriaId: "96DB76F8-036A-4401-B926-9B5156E032C1", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:application_remote_collector:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4C3F42E7-CB56-4287-B09F-C5528B97EB7C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.", }, { lang: "es", value: "Se descubrió un problema en SaltStack Salt versiones anteriores a la versión 2019.2.4 y versiones 3000 anteriores a 3000.2. La clase ClearFuncs del proceso Salt-master permite acceder a algunos métodos que sanean inapropiadamente las rutas. Estos métodos permiten acceso a directorios arbitrarios a usuarios autenticados.", }, ], id: "CVE-2020-11652", lastModified: "2025-04-03T19:52:25.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-04-30T17:15:12.190", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4459-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4676", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:0.11.0:*:*:*:*:*:*:*", matchCriteriaId: "346DEA29-5CAC-4DB2-9E67-2F079CA93E96", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.12.0:*:*:*:*:*:*:*", matchCriteriaId: "470AF174-46C0-4BD3-8679-8CE1B72C96C6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.13.0:*:*:*:*:*:*:*", matchCriteriaId: "02214451-6F5C-4B8C-9C0D-570AA59EBFA4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.14.0:*:*:*:*:*:*:*", matchCriteriaId: "3D0A0404-071C-4070-8E37-68E7B401A8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.0:*:*:*:*:*:*:*", matchCriteriaId: "1C779C5D-AF44-41B7-9F7D-F48A77C21D77", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.1:*:*:*:*:*:*:*", matchCriteriaId: "6837044F-9B5B-41D4-B8ED-878354EC95D6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.0:*:*:*:*:*:*:*", matchCriteriaId: "C8657106-9D19-4D3A-BF9F-0266FD4D5537", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.2:*:*:*:*:*:*:*", matchCriteriaId: "B38ECC74-E5D4-4798-B8B0-C11023ED2F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.3:*:*:*:*:*:*:*", matchCriteriaId: "6A3B9B09-9652-4860-949F-7A1056CAC653", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.4:*:*:*:*:*:*:*", matchCriteriaId: "9BA355D0-0CC3-4A0D-B22D-9B1EA683329F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*", matchCriteriaId: "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.", }, { lang: "es", value: "El \"salt master\" en Salt (aka SaltStack) 0.11.0 hasta la versión 0.17.0 no libera adecuadamente los privilegios de grupo, lo que hace más fácil para un atacante remoto obtener privilegios.", }, ], id: "CVE-2013-6617", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:06.277", references: [ { source: "cve@mitre.org", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-13 14:59
Modified
2024-11-21 02:26
Severity ?
Summary
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| fedoraproject | fedora | 23 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "AABB487A-AC69-46DA-97AC-7467DC67A05D", versionEndIncluding: "2014.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, { lang: "es", value: "modules/chef.py en SaltStack en versiones anteriores a 2014.7.4 no maneja correctamente archivos en /tmp.", }, ], id: "CVE-2015-1839", lastModified: "2024-11-21T02:26:14.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-13T14:59:00.760", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-29 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C7449317-8304-4045-AF72-CF78F207D879", versionEndExcluding: "3002.8", versionStartIncluding: "3002", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "318996F4-15C8-4721-BC68-ED3CE42ED5B3", versionEndExcluding: "3003.4", versionStartIncluding: "3003", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "174C223F-0F76-4725-BA07-E9DE35E4E8AE", versionEndExcluding: "3004.1", versionStartIncluding: "3004", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.", }, { lang: "es", value: "Se ha detectado un problema en SaltStack Salt en versiones anteriores a 3002.8, 3003.4, 3004.1. Las publicaciones de trabajos y las respuestas del servidor de archivos son susceptibles de ataques de repetición, lo que puede resultar en que un atacante reproduzca las publicaciones de trabajos causando que los minions ejecuten trabajos antiguos. Las respuestas del servidor de archivos también pueden ser reproducidas. Un atacante suficientemente diseñado podría conseguir acceso root en el minion bajo determinados escenarios", }, ], id: "CVE-2022-22936", lastModified: "2024-11-21T06:47:38.580", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-29T17:15:15.273", references: [ { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "security@vmware.com", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-294", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-06 08:15
Modified
2025-03-14 17:28
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | 3001 | |
| saltstack | salt | 3002 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 31 | |
| opensuse | leap | 15.1 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SaltStack Salt Shell Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B0A54497-D7E2-4A2C-9719-4D992B296498", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "920C57AF-6E88-465A-83FA-AB947D4C6F0B", versionEndExcluding: "2016.11.6", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C45ACC11-CA9B-4451-B6DD-BD784349CDE8", versionEndExcluding: "2017.7.4", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "BD998745-FA62-4894-A4FC-767F0DE131B9", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "9747884A-8B29-42C9-BF5E-5B6D883A78E3", versionEndExcluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "D64191C4-C3D3-4615-B7D5-26ADA8BD7C7B", versionEndExcluding: "3000.3", versionStartIncluding: "3000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*", matchCriteriaId: "74CAD70E-E77C-4010-B224-CEE3968CB6A2", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3002:*:*:*:*:*:*:*", matchCriteriaId: "F5D7215A-820E-446C-844C-DC4C61BD1884", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones hasta 3002. El envío de peticiones web diseñadas a la Salt API, con el cliente SSH habilitado, puede resultar en una inyección shell", }, ], id: "CVE-2020-16846", lastModified: "2025-03-14T17:28:24.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-11-06T08:15:13.283", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-31 19:59
Modified
2024-11-21 02:49
Severity ?
Summary
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html | Release Notes, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7446FC47-56FF-4A51-BD18-5D1850CB7452", versionEndIncluding: "2015.5.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.0:*:*:*:*:*:*:*", matchCriteriaId: "072A1612-9531-4EDC-91E6-4BA8EDB73197", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.1:*:*:*:*:*:*:*", matchCriteriaId: "4FD2D2C8-6675-47BF-9218-940802B6B0E5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.2:*:*:*:*:*:*:*", matchCriteriaId: "1C778BCA-9BAA-4711-A331-D231CDA83F78", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.3:*:*:*:*:*:*:*", matchCriteriaId: "46DB7774-ADC3-402E-86DB-D9F5C1E21F53", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.4:*:*:*:*:*:*:*", matchCriteriaId: "DFD0BFE1-3406-47DA-B169-056DAE6F8D49", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.5:*:*:*:*:*:*:*", matchCriteriaId: "99831A40-E83D-4DD9-8917-881C24152926", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.7:*:*:*:*:*:*:*", matchCriteriaId: "304437DB-0092-4F64-8618-6CCCACF97DA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.", }, { lang: "es", value: "Salt en versiones anteriores a 2015.5.10 y 2015.8.x en versiones anteriores a 2015.8.8, cuando la autenticación externa de PAM está habilitada, permite a atacantes eludir el servicio de autenticación configurado pasando un servicio alternativo con un comando enviado a LocalClient.", }, ], id: "CVE-2016-3176", lastModified: "2024-11-21T02:49:32.367", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-31T19:59:00.183", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-10-24 17:29
Modified
2024-11-21 03:13
Severity ?
Summary
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | 2016.11 | |
| saltstack | salt | 2016.11.0 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.2 | |
| saltstack | salt | 2016.11.3 | |
| saltstack | salt | 2016.11.4 | |
| saltstack | salt | 2016.11.5 | |
| saltstack | salt | 2016.11.6 | |
| saltstack | salt | 2016.11.7 | |
| saltstack | salt | 2017.7.0 | |
| saltstack | salt | 2017.7.0 | |
| saltstack | salt | 2017.7.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5250DF-593F-42C2-A64F-47CE0E65070F", versionEndIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11:*:*:*:*:*:*:*", matchCriteriaId: "689B37E8-7274-4B5A-9419-538A9AB7B99F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*", matchCriteriaId: "F5B7EDF4-414F-429A-BD20-0B967737598C", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*", matchCriteriaId: "594339CF-8192-425D-9C8C-AA51342D9477", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:rc1:*:*:*:*:*:*", matchCriteriaId: "80E02A57-EA6E-4729-8E4E-4F444DA0A88E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:rc2:*:*:*:*:*:*", matchCriteriaId: "6110046D-0532-41DB-9DF0-BB1BD1447D6E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E54FADCE-5311-4C8A-9527-1623F9AAC69E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.3:*:*:*:*:*:*:*", matchCriteriaId: "4E904BB7-706A-43E0-96CE-2A9E671E4FB3", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.4:*:*:*:*:*:*:*", matchCriteriaId: "0338B627-4E56-4B47-87BA-CE9446CB6345", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.5:*:*:*:*:*:*:*", matchCriteriaId: "FB77EB21-90F0-4E5F-8C2F-2973460A1E05", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.6:*:*:*:*:*:*:*", matchCriteriaId: "536FF3D1-C16D-4F40-8E80-D5956FC6693F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.7:*:*:*:*:*:*:*", matchCriteriaId: "CED0077F-8C9D-4043-B15E-61547A0EE58A", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8F54D0CC-68F0-44E0-B565-BB9EFFE56817", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.0:rc1:*:*:*:*:*:*", matchCriteriaId: "97BDE3E9-E1C7-4D8D-B886-A3CE617BF12E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.1:*:*:*:*:*:*:*", matchCriteriaId: "87ABC6C6-5E17-4732-B24C-032767D6EBC1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.", }, { lang: "es", value: "SaltStack Salt en versiones anteriores a la 2016.3.8, en versiones 2016.11.x anteriores a la 2016.11.8 y versiones 2017.7.x anteriores a la 2017.7.2 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante una petición de autenticación manipulada.", }, ], id: "CVE-2017-14696", lastModified: "2024-11-21T03:13:20.623", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-24T17:29:00.370", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*", matchCriteriaId: "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.", }, { lang: "es", value: "La configuración por defecto para salt-ssh en Salt (conocido como SaltStack) 0.17.0 no valida la clave de host SSH de solicitudes, lo que permite a atacantes remotos tener un impacto no especificado a través de un ataque man-in-the-middle (MITM).", }, ], id: "CVE-2013-4436", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:04.837", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-05 11:15
Modified
2025-02-13 17:16
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B70F6397-8CB9-47B6-A4BF-C7E4A1017F6A", versionEndExcluding: "3005.2", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A22FBD43-AC7E-45B9-9EC5-340CF735773E", versionEndExcluding: "3006.2", versionStartIncluding: "3006.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.", }, { lang: "es", value: "Salt masters anteriores a 3005.2 o 3006.2 contienen un DOS en retorno minion. Después de recibir varios paquetes incorrectos en el servidor de solicitudes igual al número de subprocesos de trabajo, el master dejará de responder a las solicitudes de devolución hasta que se reinicie.", }, ], id: "CVE-2023-20897", lastModified: "2025-02-13T17:16:02.387", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "security@vmware.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-05T11:15:32.973", references: [ { source: "security@vmware.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-404", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-11-05 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:0.15.0:*:*:*:*:*:*:*", matchCriteriaId: "1C779C5D-AF44-41B7-9F7D-F48A77C21D77", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.15.1:*:*:*:*:*:*:*", matchCriteriaId: "6837044F-9B5B-41D4-B8ED-878354EC95D6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.0:*:*:*:*:*:*:*", matchCriteriaId: "C8657106-9D19-4D3A-BF9F-0266FD4D5537", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.2:*:*:*:*:*:*:*", matchCriteriaId: "B38ECC74-E5D4-4798-B8B0-C11023ED2F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.3:*:*:*:*:*:*:*", matchCriteriaId: "6A3B9B09-9652-4860-949F-7A1056CAC653", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.16.4:*:*:*:*:*:*:*", matchCriteriaId: "9BA355D0-0CC3-4A0D-B22D-9B1EA683329F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*", matchCriteriaId: "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.", }, { lang: "es", value: "Salt (también conocido como SaltStack) anterior a la versión 0.15.0 hasta la versión 0.17.0 permite a minions remotos autenticados hacerse pasar por minions arbitrarios a través de uno manipulado sin llave válida.", }, ], id: "CVE-2013-4439", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-05T18:55:05.010", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "secalert@redhat.com", url: "https://github.com/saltstack/salt/pull/7356", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/saltstack/salt/pull/7356", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-26 14:29
Modified
2024-11-21 03:27
Severity ?
Summary
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | Release Notes, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5135EC7D-6FA9-4F57-A282-5F8DA85E8C18", versionEndIncluding: "2015.8.12", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.0:*:*:*:*:*:*:*", matchCriteriaId: "45FAF769-AFAC-4235-916C-F6EDA3CD1CA6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.1:*:*:*:*:*:*:*", matchCriteriaId: "458E57E7-BF82-4863-B4E4-F39754B6665F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.2:*:*:*:*:*:*:*", matchCriteriaId: "5C015342-15C6-4970-9137-10F900962159", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2D2868E1-D6E6-4EBC-8330-6603D93C8EB7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.3.4:*:*:*:*:*:*:*", matchCriteriaId: "BD78645D-A0ED-4B22-982E-A65C016D7384", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*", matchCriteriaId: "F5B7EDF4-414F-429A-BD20-0B967737598C", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*", matchCriteriaId: "594339CF-8192-425D-9C8C-AA51342D9477", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E54FADCE-5311-4C8A-9527-1623F9AAC69E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.", }, { lang: "es", value: "Al utilizar el cliente local_batch de salt-api en SaltStack Salt en versiones anteriores a la 2015.8.13, las versiones 2016.3.x anteriores a 2016.3.5 y las versiones 2016.11.x anteriores a 2016.11.2, no se respeta la autenticación externa, por lo que se permite la omisión de todas las autenticaciones.", }, ], id: "CVE-2017-5192", lastModified: "2024-11-21T03:27:14.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-26T14:29:00.563", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-05 11:15
Modified
2025-02-13 17:16
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B70F6397-8CB9-47B6-A4BF-C7E4A1017F6A", versionEndExcluding: "3005.2", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A22FBD43-AC7E-45B9-9EC5-340CF735773E", versionEndExcluding: "3006.2", versionStartIncluding: "3006.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.", }, { lang: "es", value: "Git Providers pueden leer desde el entorno incorrecto porque obtienen el mismo nombre base de directorio de caché en los Salt Masters anteriores a 3005.2 o 3006.2. Cualquier cosa que use proveedores de Git con diferentes entornos puede obtener datos basura o datos incorrectos, lo que puede conducir a la divulgación de datos incorrecta, ejecuciones incorrectas, corrupción de datos y / o bloqueo.", }, ], id: "CVE-2023-20898", lastModified: "2025-02-13T17:16:02.527", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 2.7, source: "security@vmware.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-05T11:15:33.300", references: [ { source: "security@vmware.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, { source: "security@vmware.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:54
Severity ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.", }, { lang: "es", value: "Se detectó un problema por medio de SaltStack Salt versiones anteriores a 3002.5. El renderizador jinja no protege contra ataques de inyección de plantilla del lado del servidor", }, ], id: "CVE-2021-25283", lastModified: "2024-11-21T05:54:40.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:13.973", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-03 10:15
Modified
2024-11-21 05:54
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| meissner@suse.de | https://bugzilla.suse.com/show_bug.cgi?id=1182382 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1182382 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| opensuse | tumbleweed | - | |
| suse | suse_linux_enterprise_server | 15 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A696063D-82E2-4F3B-8E0F-CA7141CC6A22", versionEndExcluding: "3002.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:tumbleweed:-:*:*:*:*:*:*:*", matchCriteriaId: "107C84EE-5E5C-4C36-A6DA-295144A527E9", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp3:*:*:*:*:*:*", matchCriteriaId: "484ABC86-9E8B-4645-8A52-DB2343649E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.", }, { lang: "es", value: "Una vulnerabilidad de Implementación Incorrecta del Algoritmo de Autenticación en SUSE SUSE Linux Enterprise Server versión 15 SP 3; openSUSE Tumbleweed, permite a atacantes locales ejecutar código arbitrario por medio de una sal sin la necesidad de especificar credenciales válidas. Este problema afecta a: salt de SUSE SUSE Linux Enterprise Server versión 15 SP 3 versiones anteriores a 3002.2-3. salt de openSUSE Tumbleweed versión 3002.2-2.1 y versiones anteriores", }, ], id: "CVE-2021-25315", lastModified: "2024-11-21T05:54:43.943", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "meissner@suse.de", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-03T10:15:13.940", references: [ { source: "meissner@suse.de", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1182382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1182382", }, ], sourceIdentifier: "meissner@suse.de", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "meissner@suse.de", type: "Primary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-24 22:29
Modified
2024-11-21 03:51
Severity ?
Summary
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "4606C48E-A62D-4D22-AEBC-ED19BF3B3B35", versionEndExcluding: "2017.7.8", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0EB62552-FC22-482A-9026-2D7017370B92", versionEndExcluding: "2018.3.3", versionStartIncluding: "2018.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.", }, { lang: "es", value: "Vulnerabilidad de salto de directorio en salt-api en SaltStack Salt en versiones anteriores a la 2017.7.8 y versiones 2018.3.x anteriores a la 2018.3.3 permite que atacantes remotos determinen qué archivos existen en el servidor.", }, ], id: "CVE-2018-15750", lastModified: "2024-11-21T03:51:23.720", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-24T22:29:00.540", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/4459-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4459-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-12 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:2015.8.0:*:*:*:*:*:*:*", matchCriteriaId: "072A1612-9531-4EDC-91E6-4BA8EDB73197", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.1:*:*:*:*:*:*:*", matchCriteriaId: "4FD2D2C8-6675-47BF-9218-940802B6B0E5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.2:*:*:*:*:*:*:*", matchCriteriaId: "1C778BCA-9BAA-4711-A331-D231CDA83F78", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2015.8.3:*:*:*:*:*:*:*", matchCriteriaId: "46DB7774-ADC3-402E-86DB-D9F5C1E21F53", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.", }, { lang: "es", value: "Salt 2015.8.x en versiones anteriores a 2015.8.4 no maneja correctamente mensajes en claro en el minion, lo que permite a atacantes man-in-the-middle ejecutar código arbitrario insertando paquetes en el flujo de datos del minion-master.", }, ], id: "CVE-2016-1866", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-12T14:59:09.087", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-29 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C7449317-8304-4045-AF72-CF78F207D879", versionEndExcluding: "3002.8", versionStartIncluding: "3002", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "318996F4-15C8-4721-BC68-ED3CE42ED5B3", versionEndExcluding: "3003.4", versionStartIncluding: "3003", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "174C223F-0F76-4725-BA07-E9DE35E4E8AE", versionEndExcluding: "3004.1", versionStartIncluding: "3004", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.", }, { lang: "es", value: "Se ha detectado un problema en SaltStack Salt en versiones anteriores a 3002.8, 3003.4, 3004.1. Los maestros de Salt no firman los datos del pilar con la clave pública del minion, lo que puede resultar en que los atacantes sustituyan datos arbitrarios del pilar", }, ], id: "CVE-2022-22934", lastModified: "2024-11-21T06:47:38.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-29T17:15:15.170", references: [ { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "security@vmware.com", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-13 14:59
Modified
2024-11-21 02:26
Severity ?
Summary
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| fedoraproject | fedora | 23 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "AABB487A-AC69-46DA-97AC-7467DC67A05D", versionEndIncluding: "2014.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, { lang: "es", value: "modules/serverdensity_device.py en SaltStack en versiones anteriores a 2014.7.4 no maneja correctamente archivos en /tmp.", }, ], id: "CVE-2015-1838", lastModified: "2024-11-21T02:26:14.700", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-13T14:59:00.713", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:23
Severity ?
Summary
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.", }, { lang: "es", value: "En SaltStack Salt versiones anteriores a 3002.5, una autenticación en los servidores VMware vcenter, vsphere y esxi (en los archivos vmware.py) no siempre comprueba el certificado SSL/TLS", }, ], id: "CVE-2020-28972", lastModified: "2024-11-21T05:23:24.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:13.690", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:27
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.", }, { lang: "es", value: "En SaltStack Salt versiones anteriores a 3002.5, cuando se autentican en servicios usando determinados módulos, el certificado SSL no siempre es comprobado", }, ], id: "CVE-2020-35662", lastModified: "2024-11-21T05:27:47.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-02-27T05:15:13.753", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-295", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2017-08-25 18:29
Modified
2024-11-21 02:30
Severity ?
Summary
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/05/19/2 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1222960 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html | Patch, Release Notes, Vendor Advisory | |
| cve@mitre.org | https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/05/19/2 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1222960 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html | Patch, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:2014.7.5:*:*:*:*:*:*:*", matchCriteriaId: "0B8CB360-895C-4E24-8FD2-08C8CD5FB507", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.", }, { lang: "es", value: "Salt en versiones anteriores a la 2014.7.6 no verifica los certificados cuando se conecta mediante los módulos aliyun, proxmox y splunk.", }, ], id: "CVE-2015-4017", lastModified: "2024-11-21T02:30:16.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-08-25T18:29:00.763", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/19/2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", }, { source: "cve@mitre.org", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", }, { source: "cve@mitre.org", url: "https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/05/19/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-17 18:15
Modified
2025-03-18 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A8418628-9D4F-44AD-8804-EB988C93B529", versionEndIncluding: "3003", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input", }, ], id: "CVE-2021-33226", lastModified: "2025-03-18T19:15:38.633", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-17T18:15:11.083", references: [ { source: "cve@mitre.org", url: "https://bugzilla.suse.com/show_bug.cgi?id=1208473", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/saltstack/salt/blob/master/salt/modules/status.py", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.suse.com/show_bug.cgi?id=1208473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/saltstack/salt/blob/master/salt/modules/status.py", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 05:54
Severity ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.", }, { lang: "es", value: "Se detectó un problema por medio de SaltStack Salt versiones anteriores a 3002.5. salt-api no respeta las credenciales de eauth para el cliente wheel_async. Por lo tanto, un atacante puede ejecutar remotamente cualquier módulo wheel en el maestro", }, ], id: "CVE-2021-25281", lastModified: "2024-11-21T05:54:40.273", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:13.847", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-27 05:15
Modified
2024-11-21 06:20
Severity ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "67FBC561-336A-4F25-B347-C4CA029B6E30", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.3.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A5E17739-655C-4FAC-A73B-985132B32C73", versionEndExcluding: "2016.11.5", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "3721B047-2595-4E79-8FDD-B1224FC0DD2C", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8FA088-6AAD-46DF-884C-7362CB4BE430", versionEndIncluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "40369149-A5C3-4759-844F-3510559397C5", versionEndExcluding: "2019.2.8", versionStartIncluding: "2019.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "906D2835-186A-455E-84EB-E982564B9CBD", versionEndExcluding: "3000.6", versionStartIncluding: "3000", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0E0DA3-49F7-4938-9FBD-F3680B1BDBB6", versionEndExcluding: "3001.4", versionStartIncluding: "3001", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "6B757DF0-6490-4FE7-9C98-5D8C700A4377", versionEndExcluding: "3002.5", versionStartIncluding: "3002", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones anteriores a 3002.5. El envío de peticiones web diseñadas a la API de Salt puede resultar en una inyección del comando de la función salt.utils.thin.gen_thin() debido al manejo diferente de las comillas simples y las dobles. Esto está relacionado con el archivo salt/utils/thin.py", }, ], id: "CVE-2021-3148", lastModified: "2024-11-21T06:20:59.690", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-27T05:15:14.190", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-22 17:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B68CA5F8-0A4B-4B03-A20D-5057F2E643DD", versionEndIncluding: "2014.1.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.", }, { lang: "es", value: "Múltiples vulnerabilidades no especificadas en Salt (también conocido como SaltStack) anterior a 2014.1.10 permiten a usuarios locales tener un impacto no especificado a través de vectores relacionados con la creación de ficheros temporales en (1) seed.py, (2) salt-ssh, o (3) salt-cloud.", }, ], id: "CVE-2014-3563", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-22T17:55:02.517", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://seclists.org/oss-sec/2014/q3/428", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/69319", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://seclists.org/oss-sec/2014/q3/428", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/69319", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-23 06:15
Modified
2024-11-21 06:05
Severity ?
Summary
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "4356368B-804F-4201-85FA-BDF1F66DEDD6", versionEndIncluding: "3002.6", versionStartIncluding: "2016.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).", }, { lang: "es", value: "En SaltStack Salt versiones 2016.9 hasta 3002.6, se presenta una vulnerabilidad de inyección de comando en el módulo snapper que permite una escalada local de privilegios en un minion. El ataque requiere que sea creado un archivo con un nombre de ruta respaldado por snapper, y que el maestro llame a la función snapper.diff (que ejecuta popen de manera no segura)", }, ], id: "CVE-2021-31607", lastModified: "2024-11-21T06:05:59.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-23T06:15:07.893", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-23 22:29
Modified
2024-11-21 03:32
Severity ?
Summary
In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C82EA51C-9F85-46A1-96C9-91EC0E899F5A", versionEndExcluding: "2016.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.", }, { lang: "es", value: "En SaltStack Salt, en versiones anteriores a la 2016.3.6, los salt-minions comprometidos pueden suplantar al salt-master.", }, ], id: "CVE-2017-7893", lastModified: "2024-11-21T03:32:54.657", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-23T22:29:00.227", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-10-24 17:29
Modified
2024-11-21 03:13
Severity ?
Summary
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | 2016.11 | |
| saltstack | salt | 2016.11.0 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.1 | |
| saltstack | salt | 2016.11.2 | |
| saltstack | salt | 2016.11.3 | |
| saltstack | salt | 2016.11.4 | |
| saltstack | salt | 2016.11.5 | |
| saltstack | salt | 2016.11.6 | |
| saltstack | salt | 2016.11.7 | |
| saltstack | salt | 2017.7.0 | |
| saltstack | salt | 2017.7.0 | |
| saltstack | salt | 2017.7.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5250DF-593F-42C2-A64F-47CE0E65070F", versionEndIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11:*:*:*:*:*:*:*", matchCriteriaId: "689B37E8-7274-4B5A-9419-538A9AB7B99F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*", matchCriteriaId: "F5B7EDF4-414F-429A-BD20-0B967737598C", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*", matchCriteriaId: "594339CF-8192-425D-9C8C-AA51342D9477", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:rc1:*:*:*:*:*:*", matchCriteriaId: "80E02A57-EA6E-4729-8E4E-4F444DA0A88E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:rc2:*:*:*:*:*:*", matchCriteriaId: "6110046D-0532-41DB-9DF0-BB1BD1447D6E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E54FADCE-5311-4C8A-9527-1623F9AAC69E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.3:*:*:*:*:*:*:*", matchCriteriaId: "4E904BB7-706A-43E0-96CE-2A9E671E4FB3", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.4:*:*:*:*:*:*:*", matchCriteriaId: "0338B627-4E56-4B47-87BA-CE9446CB6345", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.5:*:*:*:*:*:*:*", matchCriteriaId: "FB77EB21-90F0-4E5F-8C2F-2973460A1E05", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.6:*:*:*:*:*:*:*", matchCriteriaId: "536FF3D1-C16D-4F40-8E80-D5956FC6693F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.7:*:*:*:*:*:*:*", matchCriteriaId: "CED0077F-8C9D-4043-B15E-61547A0EE58A", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8F54D0CC-68F0-44E0-B565-BB9EFFE56817", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.0:rc1:*:*:*:*:*:*", matchCriteriaId: "97BDE3E9-E1C7-4D8D-B886-A3CE617BF12E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2017.7.1:*:*:*:*:*:*:*", matchCriteriaId: "87ABC6C6-5E17-4732-B24C-032767D6EBC1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.", }, { lang: "es", value: "Una vulnerabilidad de salto de directorio en la validación minion id en SaltStack Salt en versiones anteriores a la 2016.3.8, en versiones 2016.11.x anteriores a la 2016.11.8 y versiones 2017.7.x anteriores a la 2017.7.2 permite que minions remotos con credenciales incorrectas se autentiquen en un master mediante un ID minion manipulado. NOTA: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2017-12791.", }, ], id: "CVE-2017-14695", lastModified: "2024-11-21T03:13:20.487", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-24T17:29:00.323", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-08 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "EB901A07-AF79-42E0-882F-2F5425358EA8", versionEndExcluding: "3000.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones anteriores a 3003.3. Un usuario que presenta el control de las URLs source, y source_hash puede conseguir acceso completo al sistema de archivos como root en un minion de Salt", }, ], id: "CVE-2021-21996", lastModified: "2024-11-21T05:49:24.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-08T15:15:12.670", references: [ { source: "security@vmware.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html", }, { source: "security@vmware.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html", }, { source: "security@vmware.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "security@vmware.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "security@vmware.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "security@vmware.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-30 22:59
Modified
2024-11-21 02:37
Severity ?
Summary
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A4596B09-C53D-4B19-91A3-BB0F2731CE0D", versionEndIncluding: "2015.8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.", }, { lang: "es", value: "La función state.sls en Salt en versiones anteriores a 2015.8.3 utiliza permisos débiles en los datos de caché, lo que permite a los usuarios locales obtener información sensible leyendo el archivo.", }, ], id: "CVE-2015-8034", lastModified: "2024-11-21T02:37:53.383", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-30T22:59:00.263", references: [ { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/96390", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/96390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-29 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C7449317-8304-4045-AF72-CF78F207D879", versionEndExcluding: "3002.8", versionStartIncluding: "3002", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "318996F4-15C8-4721-BC68-ED3CE42ED5B3", versionEndExcluding: "3003.4", versionStartIncluding: "3003", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "174C223F-0F76-4725-BA07-E9DE35E4E8AE", versionEndExcluding: "3004.1", versionStartIncluding: "3004", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.", }, { lang: "es", value: "Se ha detectado un problema en SaltStack Salt en versiones anteriores a 3002.8, 3003.4, 3004.1. Una denegación de servicio de autenticación de minion puede causar que un atacante de tipo MiTM fuerce la detención de un proceso minion al suplantar a un master", }, ], id: "CVE-2022-22935", lastModified: "2024-11-21T06:47:38.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-29T17:15:15.220", references: [ { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "security@vmware.com", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/saltstack/salt/releases%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://repo.saltproject.io/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-23 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://repo.saltproject.io/ | Product, Vendor Advisory | |
| security@vmware.com | https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C | Broken Link | |
| security@vmware.com | https://security.gentoo.org/glsa/202310-22 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://repo.saltproject.io/ | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-22 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "FE6336A6-0A0B-4E42-8990-2B32E19F2944", versionEndExcluding: "3002.9", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "D62A9E81-A4D3-4DEB-9998-FBAE7C49B35C", versionEndExcluding: "3003.5", versionStartIncluding: "3003", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D7A914-2986-4732-8858-19EDC6F19468", versionEndExcluding: "3004.2", versionStartIncluding: "3004", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.", }, { lang: "es", value: "Se ha detectado un problema en SaltStack Salt en versiones anteriores a 3002.9, 3003.5, 3004.2. PAM auth falla al rechazar cuentas bloqueadas, lo que permite que un usuario previamente autorizado cuya cuenta está bloqueada siga ejecutando comandos de Salt cuando su cuenta está bloqueada. Esto afecta tanto a las cuentas locales de shell con una sesión activa como a usuarios de salt-api que son autenticados por medio de PAM eauth", }, ], id: "CVE-2022-22967", lastModified: "2024-11-21T06:47:42.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-23T17:15:12.080", references: [ { source: "security@vmware.com", tags: [ "Product", "Vendor Advisory", ], url: "https://repo.saltproject.io/", }, { source: "security@vmware.com", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C", }, { source: "security@vmware.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Vendor Advisory", ], url: "https://repo.saltproject.io/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-25 17:59
Modified
2024-11-21 03:33
Severity ?
Summary
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:2016.11:*:*:*:*:*:*:*", matchCriteriaId: "689B37E8-7274-4B5A-9419-538A9AB7B99F", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*", matchCriteriaId: "F5B7EDF4-414F-429A-BD20-0B967737598C", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:rc1:*:*:*:*:*:*", matchCriteriaId: "B3D927A3-0450-4C66-9952-0DFD1C8E43F1", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.0:rc2:*:*:*:*:*:*", matchCriteriaId: "7D526346-8F23-4016-9D89-7BD4182370A3", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*", matchCriteriaId: "594339CF-8192-425D-9C8C-AA51342D9477", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E54FADCE-5311-4C8A-9527-1623F9AAC69E", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:2016.11.3:*:*:*:*:*:*:*", matchCriteriaId: "4E904BB7-706A-43E0-96CE-2A9E671E4FB3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).", }, { lang: "es", value: "En las versiones anteriores a la 2016.11.4 de Salt 2016.11 el código salt-ssh esta copiado sobre la configuración de Salt Master sin ajustar convenientemente los permisos, lo que permitiría filtrar credenciales a atacantes locales en minions (clientes) configurados.", }, ], id: "CVE-2017-8109", lastModified: "2024-11-21T03:33:20.527", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-25T17:59:00.180", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98095", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", }, { source: "cve@mitre.org", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/issues/40075", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/40609", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98095", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Vendor Advisory", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/issues/40075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/40609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2020-16846
Vulnerability from cvelistv5
Published
2020-11-06 07:27
Modified
2025-02-07 13:57
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:45:33.237Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2020-16846", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:49:59.119196Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-16846", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:57:33.897Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-03T21:06:05.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-16846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/releases", refsource: "MISC", url: "https://github.com/saltstack/salt/releases", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-13", }, { name: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-16846", datePublished: "2020-11-06T07:27:24.000Z", dateReserved: "2020-08-04T00:00:00.000Z", dateUpdated: "2025-02-07T13:57:33.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25282
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.073Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:23.974061", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25282", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-16T00:00:00", dateUpdated: "2024-08-03T19:56:11.073Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31607
Vulnerability from cvelistv5
Published
2021-04-23 00:00
Modified
2024-08-03 23:03
Severity ?
EPSS score ?
Summary
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:03:33.642Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/", }, { name: "FEDORA-2021-5aaebdae8e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:42.625848", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/", }, { name: "FEDORA-2021-5aaebdae8e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31607", datePublished: "2021-04-23T00:00:00", dateReserved: "2021-04-23T00:00:00", dateUpdated: "2024-08-03T23:03:33.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4436
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-16 22:41
Severity ?
EPSS score ?
Summary
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/10/18/3 | mailing-list, x_refsource_MLIST | |
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:13.391Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4436", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle (MITM) attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4436", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-09-16T22:41:15.246Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22967
Vulnerability from cvelistv5
Published
2022-06-22 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SaltStack Salt |
Version: SaltStack Salt prior to 3002.9, 3003.5, 3004.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:28:42.506Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://repo.saltproject.io/", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SaltStack Salt", vendor: "n/a", versions: [ { status: "affected", version: "SaltStack Salt prior to 3002.9, 3003.5, 3004.2", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.", }, ], problemTypes: [ { descriptions: [ { description: "PAM auth fails to reject locked accounts.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:49.249445", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://repo.saltproject.io/", }, { url: "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2022-22967", datePublished: "2022-06-22T00:00:00", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-08-03T03:28:42.506Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-1838
Vulnerability from cvelistv5
Published
2017-04-13 14:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1212784 | x_refsource_CONFIRM | |
| https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:54:16.420Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2016-105b3b8804", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-17T00:00:00", descriptions: [ { lang: "en", value: "modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-13T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2016-105b3b8804", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-1838", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2016-105b3b8804", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212784", }, { name: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-1838", datePublished: "2017-04-13T14:00:00", dateReserved: "2015-02-17T00:00:00", dateUpdated: "2024-08-06T04:54:16.420Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5200
Vulnerability from cvelistv5
Published
2017-09-26 14:00
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.542Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-18T00:00:00", descriptions: [ { lang: "en", value: "Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-26T13:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5200", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { name: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5200", datePublished: "2017-09-26T14:00:00", dateReserved: "2017-01-06T00:00:00", dateUpdated: "2024-08-05T14:55:35.542Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14695
Vulnerability from cvelistv5
Published
2017-10-24 17:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html | vendor-advisory, x_refsource_SUSE | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1500748 | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html | x_refsource_CONFIRM | |
| https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:39.872Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-09-11T00:00:00", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-24T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14695", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500748", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { name: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14695", datePublished: "2017-10-24T17:00:00", dateReserved: "2017-09-22T00:00:00", dateUpdated: "2024-08-05T19:34:39.872Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3563
Vulnerability from cvelistv5
Published
2014-08-22 17:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95392 | vdb-entry, x_refsource_XF | |
| http://seclists.org/oss-sec/2014/q3/428 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/69319 | vdb-entry, x_refsource_BID | |
| http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:17.331Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "salt-cve20143563-symlink(95392)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392", }, { name: "[oss-security] 20140821 Revised: Salt 2014.1.10 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q3/428", }, { name: "69319", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/69319", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-08-01T00:00:00", descriptions: [ { lang: "en", value: "Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "salt-cve20143563-symlink(95392)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392", }, { name: "[oss-security] 20140821 Revised: Salt 2014.1.10 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q3/428", }, { name: "69319", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/69319", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3563", datePublished: "2014-08-22T17:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:17.331Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25281
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-11-19 15:42
Severity ?
EPSS score ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.067Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-25281", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T15:42:04.108614Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T15:42:15.264Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:47.723951", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { url: "http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25281", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-16T00:00:00", dateUpdated: "2024-11-19T15:42:15.264Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28243
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:33:58.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { tags: [ "x_transferred", ], url: "https://github.com/stealthcopter/CVE-2020-28243", }, { tags: [ "x_transferred", ], url: "https://sec.stealthcopter.com/cve-2020-28243/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:50.928563", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { url: "https://github.com/stealthcopter/CVE-2020-28243", }, { url: "https://sec.stealthcopter.com/cve-2020-28243/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-28243", datePublished: "2021-02-27T00:00:00", dateReserved: "2020-11-06T00:00:00", dateUpdated: "2024-08-04T16:33:58.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5192
Vulnerability from cvelistv5
Published
2017-09-26 14:00
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-18T00:00:00", descriptions: [ { lang: "en", value: "When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-26T13:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5192", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html", }, { name: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5192", datePublished: "2017-09-26T14:00:00", dateReserved: "2017-01-06T00:00:00", dateUpdated: "2024-08-05T14:55:35.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22004
Vulnerability from cvelistv5
Published
2021-09-08 15:00
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
References
| ▼ | URL | Tags |
|---|---|---|
| https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/ | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Saltstack Salt |
Version: Saltstack Salt (before 3003.3) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:30:23.738Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Saltstack Salt", vendor: "n/a", versions: [ { status: "affected", version: "Saltstack Salt (before 3003.3)", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\\salt\\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.", }, ], problemTypes: [ { descriptions: [ { description: "Software manipulation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-25T00:07:52", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2021-22004", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Saltstack Salt", version: { version_data: [ { version_value: "Saltstack Salt (before 3003.3)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\\salt\\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Software manipulation", }, ], }, ], }, references: { reference_data: [ { name: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", refsource: "MISC", url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { name: "FEDORA-2021-00ada7e667", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2021-22004", datePublished: "2021-09-08T15:00:14", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-08-03T18:30:23.738Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14696
Vulnerability from cvelistv5
Published
2017-10-24 17:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html | vendor-advisory, x_refsource_SUSE | |
| https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1500742 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:39.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-10-21T00:00:00", descriptions: [ { lang: "en", value: "SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-24T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14696", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html", }, { name: "openSUSE-SU-2017:2824", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html", }, { name: "openSUSE-SU-2017:2822", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html", }, { name: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1500742", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14696", datePublished: "2017-10-24T17:00:00", dateReserved: "2017-09-22T00:00:00", dateUpdated: "2024-08-05T19:34:39.957Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-8109
Vulnerability from cvelistv5
Published
2017-04-25 17:00
Modified
2024-08-05 16:27
Severity ?
EPSS score ?
Summary
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658 | x_refsource_CONFIRM | |
| https://github.com/saltstack/salt/issues/40075 | x_refsource_CONFIRM | |
| https://github.com/saltstack/salt/pull/40609 | x_refsource_CONFIRM | |
| https://bugzilla.suse.com/show_bug.cgi?id=1035912 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/98095 | vdb-entry, x_refsource_BID | |
| https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:27:22.195Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/issues/40075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/pull/40609", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", }, { name: "98095", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98095", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-04-25T00:00:00", descriptions: [ { lang: "en", value: "The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-05-02T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/issues/40075", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/pull/40609", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", }, { name: "98095", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98095", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-8109", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658", }, { name: "https://github.com/saltstack/salt/issues/40075", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/issues/40075", }, { name: "https://github.com/saltstack/salt/pull/40609", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/pull/40609", }, { name: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", refsource: "CONFIRM", url: "https://bugzilla.suse.com/show_bug.cgi?id=1035912", }, { name: "98095", refsource: "BID", url: "http://www.securityfocus.com/bid/98095", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-8109", datePublished: "2017-04-25T17:00:00", dateReserved: "2017-04-25T00:00:00", dateUpdated: "2024-08-05T16:27:22.195Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11651
Vulnerability from cvelistv5
Published
2020-04-30 16:58
Modified
2025-02-07 14:07
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:35:13.426Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4459-1/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2020-11651", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:59:33.675393Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-11651", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T14:07:35.650Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-19T18:06:16.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4459-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11651", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", refsource: "MISC", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { name: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", refsource: "MISC", url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { name: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4676", }, { name: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { name: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { name: "openSUSE-SU-2020:1074", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4459-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11651", datePublished: "2020-04-30T16:58:09.000Z", dateReserved: "2020-04-08T00:00:00.000Z", dateUpdated: "2025-02-07T14:07:35.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-4017
Vulnerability from cvelistv5
Published
2017-08-25 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/05/19/2 | mailing-list, x_refsource_MLIST | |
| https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1222960 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.396Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", }, { name: "[oss-security] 20150518 Re: [saltstack-security] CVE Request / Saltstack SSL verification disabling for alibabab cloud module", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/05/19/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-18T00:00:00", descriptions: [ { lang: "en", value: "Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-25T17:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", }, { name: "[oss-security] 20150518 Re: [saltstack-security] CVE Request / Saltstack SSL verification disabling for alibabab cloud module", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/05/19/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://groups.google.com/forum/#%21topic/salt-users/8Kv1bytGD6c", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4017", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html", }, { name: "[oss-security] 20150518 Re: [saltstack-security] CVE Request / Saltstack SSL verification disabling for alibabab cloud module", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/05/19/2", }, { name: "https://groups.google.com/forum/#!topic/salt-users/8Kv1bytGD6c", refsource: "CONFIRM", url: "https://groups.google.com/forum/#!topic/salt-users/8Kv1bytGD6c", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222960", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4017", datePublished: "2017-08-25T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.396Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3148
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 16:45
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:45:51.371Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:30.448035", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-3148", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T16:45:51.371Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-1839
Vulnerability from cvelistv5
Published
2017-04-13 14:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1212788 | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html | vendor-advisory, x_refsource_FEDORA | |
| https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:54:16.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", }, { name: "FEDORA-2016-105b3b8804", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-17T00:00:00", descriptions: [ { lang: "en", value: "modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-13T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", }, { name: "FEDORA-2016-105b3b8804", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-1839", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1212788", }, { name: "FEDORA-2016-105b3b8804", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175568.html", }, { name: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/commit/22d2f7a1ec93300c34e8c42d14ec39d51e610b5c", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-1839", datePublished: "2017-04-13T14:00:00", dateReserved: "2015-02-17T00:00:00", dateUpdated: "2024-08-06T04:54:16.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-8034
Vulnerability from cvelistv5
Published
2017-01-30 22:00
Modified
2024-08-06 08:06
Severity ?
EPSS score ?
Summary
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96390 | vdb-entry, x_refsource_BID | |
| https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:06:31.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "96390", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96390", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-25T00:00:00", descriptions: [ { lang: "en", value: "The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-03-01T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "96390", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96390", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8034", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "96390", refsource: "BID", url: "http://www.securityfocus.com/bid/96390", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8034", datePublished: "2017-01-30T22:00:00", dateReserved: "2015-11-02T00:00:00", dateUpdated: "2024-08-06T08:06:31.617Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25283
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.095Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:37.500874", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25283", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-16T00:00:00", dateUpdated: "2024-08-03T19:56:11.095Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-25592
Vulnerability from cvelistv5
Published
2020-11-06 07:31
Modified
2024-08-04 15:33
Severity ?
EPSS score ?
Summary
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/index.html | x_refsource_MISC | |
| https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/ | vendor-advisory, x_refsource_FEDORA | |
| http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html | vendor-advisory, x_refsource_SUSE | |
| https://security.gentoo.org/glsa/202011-13 | vendor-advisory, x_refsource_GENTOO | |
| http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2021/dsa-4837 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:33:05.711Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4837", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-24T23:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4837", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-25592", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/index.html", refsource: "MISC", url: "https://docs.saltstack.com/en/latest/topics/releases/index.html", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-13", }, { name: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4837", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-25592", datePublished: "2020-11-06T07:31:53", dateReserved: "2020-09-15T00:00:00", dateUpdated: "2024-08-04T15:33:05.711Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3197
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 16:45
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:45:51.473Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:32.205595", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-3197", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T16:45:51.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-6617
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-17 02:02
Severity ?
EPSS score ?
Summary
The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:46:22.174Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-6617", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-6617", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-11-05T00:00:00Z", dateUpdated: "2024-09-17T02:02:10.512Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-12791
Vulnerability from cvelistv5
Published
2017-08-23 14:00
Modified
2024-08-05 18:51
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/saltstack/salt/pull/42944 | x_refsource_CONFIRM | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/100384 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1482006 | x_refsource_MISC | |
| https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:51:07.262Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/pull/42944", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", }, { name: "100384", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/100384", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-08-15T00:00:00", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-23T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/pull/42944", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", }, { name: "100384", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/100384", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-12791", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/pull/42944", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/pull/42944", }, { name: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", refsource: "MISC", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399", }, { name: "100384", refsource: "BID", url: "http://www.securityfocus.com/bid/100384", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1482006", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html", }, { name: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-12791", datePublished: "2017-08-23T14:00:00", dateReserved: "2017-08-10T00:00:00", dateUpdated: "2024-08-05T18:51:07.262Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22936
Vulnerability from cvelistv5
Published
2022-03-29 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SaltStack Salt |
Version: SaltStack Salt prior to 3002.8, 3003.4, 3004.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:28:42.445Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases%2C", }, { tags: [ "x_transferred", ], url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SaltStack Salt", vendor: "n/a", versions: [ { status: "affected", version: "SaltStack Salt prior to 3002.8, 3003.4, 3004.1", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.", }, ], problemTypes: [ { descriptions: [ { description: "Job publishes and file server replies are susceptible to replay attacks.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:45.986338", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { url: "https://github.com/saltstack/salt/releases%2C", }, { url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2022-22936", datePublished: "2022-03-29T00:00:00", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-08-03T03:28:42.445Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4438
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-17 03:54
Severity ?
EPSS score ?
Summary
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/10/18/3 | mailing-list, x_refsource_MLIST | |
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4438", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4438", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-09-17T03:54:13.381Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25284
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:56:11.175Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:34.088871", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-25284", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-16T00:00:00", dateUpdated: "2024-08-03T19:56:11.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25315
Vulnerability from cvelistv5
Published
2021-03-03 09:55
Modified
2024-09-16 21:03
Severity ?
EPSS score ?
Summary
CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SUSE | SUSE Linux Enterprise Server 15 SP 3 |
Version: salt < 3002.2-3 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:03:04.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1182382", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SUSE Linux Enterprise Server 15 SP 3", vendor: "SUSE", versions: [ { lessThan: "3002.2-3", status: "affected", version: "salt", versionType: "custom", }, ], }, { product: "Tumbleweed", vendor: "openSUSE", versions: [ { lessThanOrEqual: "3002.2-2.1", status: "affected", version: "salt", versionType: "custom", }, ], }, ], datePublic: "2021-03-01T00:00:00", descriptions: [ { lang: "en", value: "CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE - CWE-287: Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", shortName: "suse", }, references: [ { url: "https://bugzilla.suse.com/show_bug.cgi?id=1182382", }, ], source: { advisory: "https://bugzilla.suse.com/show_bug.cgi?id=1182382", defect: [ "1182382", ], discovery: "INTERNAL", }, title: "salt-api unauthenticated remote code execution", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", assignerShortName: "suse", cveId: "CVE-2021-25315", datePublished: "2021-03-03T09:55:16.356867Z", dateReserved: "2021-01-19T00:00:00", dateUpdated: "2024-09-16T21:03:45.719Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28972
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-04 16:48
Severity ?
EPSS score ?
Summary
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:48:01.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:35.816140", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-28972", datePublished: "2021-02-27T00:00:00", dateReserved: "2020-11-20T00:00:00", dateUpdated: "2024-08-04T16:48:01.505Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-7893
Vulnerability from cvelistv5
Published
2018-04-23 22:00
Modified
2024-08-05 16:19
Severity ?
EPSS score ?
Summary
In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:19:28.351Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-04-23T00:00:00", descriptions: [ { lang: "en", value: "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-23T21:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-7893", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-7893", datePublished: "2018-04-23T22:00:00", dateReserved: "2017-04-17T00:00:00", dateUpdated: "2024-08-05T16:19:28.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-15750
Vulnerability from cvelistv5
Published
2018-10-24 22:00
Modified
2024-08-05 10:01
Severity ?
EPSS score ?
Summary
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html | x_refsource_CONFIRM | |
| https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ | mailing-list, x_refsource_MLIST | |
| https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html | vendor-advisory, x_refsource_SUSE | |
| https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4459-1/ | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:01:54.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4459-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-24T00:00:00", descriptions: [ { lang: "en", value: "Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-19T18:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4459-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15750", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", refsource: "MLIST", url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", refsource: "MLIST", url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4459-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15750", datePublished: "2018-10-24T22:00:00", dateReserved: "2018-08-23T00:00:00", dateUpdated: "2024-08-05T10:01:54.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4435
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-17 01:36
Severity ?
EPSS score ?
Summary
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/10/18/3 | mailing-list, x_refsource_MLIST | |
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:13.602Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4435", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4435", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-09-17T01:36:05.715Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22935
Vulnerability from cvelistv5
Published
2022-03-29 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SaltStack Salt |
Version: SaltStack Salt prior to 3002.8, 3003.4, 3004.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:28:42.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases%2C", }, { tags: [ "x_transferred", ], url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SaltStack Salt", vendor: "n/a", versions: [ { status: "affected", version: "SaltStack Salt prior to 3002.8, 3003.4, 3004.1", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.", }, ], problemTypes: [ { descriptions: [ { description: "Minion authentication denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:25.593962", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { url: "https://github.com/saltstack/salt/releases%2C", }, { url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2022-22935", datePublished: "2022-03-29T00:00:00", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-08-03T03:28:42.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1866
Vulnerability from cvelistv5
Published
2016-04-12 14:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:10:39.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", }, { name: "openSUSE-SU-2016:0694", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-25T00:00:00", descriptions: [ { lang: "en", value: "Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-04-12T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", }, { name: "openSUSE-SU-2016:0694", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-1866", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html", }, { name: "openSUSE-SU-2016:0694", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00034.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-1866", datePublished: "2016-04-12T14:00:00", dateReserved: "2016-01-13T00:00:00", dateUpdated: "2024-08-05T23:10:39.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22934
Vulnerability from cvelistv5
Published
2022-03-29 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SaltStack Salt |
Version: SaltStack Salt prior to 3002.8, 3003.4, 3004.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:28:42.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases%2C", }, { tags: [ "x_transferred", ], url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SaltStack Salt", vendor: "n/a", versions: [ { status: "affected", version: "SaltStack Salt prior to 3002.8, 3003.4, 3004.1", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.", }, ], problemTypes: [ { descriptions: [ { description: "Salt Masters do not sign pillar data with the minion’s public key.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:27.077569", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { url: "https://github.com/saltstack/salt/releases%2C", }, { url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2022-22934", datePublished: "2022-03-29T00:00:00", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-08-03T03:28:42.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20897
Vulnerability from cvelistv5
Published
2023-09-05 10:56
Modified
2025-02-13 16:40
Severity ?
EPSS score ?
Summary
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:21:33.285Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20897", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-30T17:24:32.593858Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-30T17:24:46.072Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Salt", vendor: "n/a", versions: [ { status: "affected", version: "Salt masters prior to 3005.2 or 3006.2", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.<br>", }, ], value: "Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "DOS in minion return.", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-14T02:06:11.442Z", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2023-20897", datePublished: "2023-09-05T10:56:33.183Z", dateReserved: "2022-11-01T15:41:50.396Z", dateUpdated: "2025-02-13T16:40:09.607Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-15751
Vulnerability from cvelistv5
Published
2018-10-24 22:00
Modified
2024-08-05 10:01
Severity ?
EPSS score ?
Summary
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html | x_refsource_CONFIRM | |
| https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ | mailing-list, x_refsource_MLIST | |
| https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html | vendor-advisory, x_refsource_SUSE | |
| https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4459-1/ | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:01:54.581Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4459-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-24T00:00:00", descriptions: [ { lang: "en", value: "SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-19T18:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4459-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15751", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html", }, { name: "[salt-users] 20181024 2018.3.3 Released - Security Advisory", refsource: "MLIST", url: "https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ", }, { name: "[salt-users] 20181024 2017.7.8 Released - Security Advisory", refsource: "MLIST", url: "https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ", }, { name: "openSUSE-SU-2020:1074", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html", }, { name: "USN-4459-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4459-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15751", datePublished: "2018-10-24T22:00:00", dateReserved: "2018-08-23T00:00:00", dateUpdated: "2024-08-05T10:01:54.581Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11652
Vulnerability from cvelistv5
Published
2020-04-30 17:00
Modified
2025-02-04 19:54
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:35:13.485Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4459-1/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2020-11652", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:54:22.934029Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-11652", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T19:54:47.313Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-19T18:06:14.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { tags: [ "x_refsource_MISC", ], url: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", }, { name: "openSUSE-SU-2020:1074", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4459-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11652", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", refsource: "MISC", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html", }, { name: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", refsource: "MISC", url: "https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst", }, { name: "openSUSE-SU-2020:0564", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html", }, { name: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html", }, { name: "DSA-4676", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4676", }, { name: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2020-0009.html", }, { name: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html", }, { name: "20200528 SaltStack FrameWork Vulnerabilities Affecting Cisco Products", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG", }, { name: "[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html", }, { name: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", refsource: "MISC", url: "http://support.blackberry.com/kb/articleDetail?articleNumber=000063758", }, { name: "openSUSE-SU-2020:1074", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html", }, { name: "USN-4459-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4459-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11652", datePublished: "2020-04-30T17:00:03.000Z", dateReserved: "2020-04-08T00:00:00.000Z", dateUpdated: "2025-02-04T19:54:47.313Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-17490
Vulnerability from cvelistv5
Published
2020-11-06 07:29
Modified
2024-08-04 14:00
Severity ?
EPSS score ?
Summary
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release | x_refsource_MISC | |
| https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/ | vendor-advisory, x_refsource_FEDORA | |
| http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html | vendor-advisory, x_refsource_SUSE | |
| https://security.gentoo.org/glsa/202011-13 | vendor-advisory, x_refsource_GENTOO | |
| https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2021/dsa-4837 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T14:00:47.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202011-13", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4837", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-24T23:06:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202011-13", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4837", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-17490", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", refsource: "MISC", url: "https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-13", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4837", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-17490", datePublished: "2020-11-06T07:29:11", dateReserved: "2020-08-11T00:00:00", dateUpdated: "2024-08-04T14:00:47.533Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3144
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-08-03 16:45
Severity ?
EPSS score ?
Summary
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:45:51.414Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:39.452351", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/releases", }, { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-3144", datePublished: "2021-02-27T00:00:00", dateReserved: "2021-01-14T00:00:00", dateUpdated: "2024-08-03T16:45:51.414Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3176
Vulnerability from cvelistv5
Published
2017-01-31 19:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html | x_refsource_CONFIRM | |
| https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:58.127Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-23T00:00:00", descriptions: [ { lang: "en", value: "Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-31T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3176", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3176", datePublished: "2017-01-31T19:00:00", dateReserved: "2016-03-15T00:00:00", dateUpdated: "2024-08-05T23:47:58.127Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17361
Vulnerability from cvelistv5
Published
2020-01-17 01:16
Modified
2024-08-05 01:40
Severity ?
EPSS score ?
Summary
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/saltstack/salt/commits/master | x_refsource_MISC | |
| https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html | vendor-advisory, x_refsource_SUSE | |
| https://www.debian.org/security/2020/dsa-4676 | vendor-advisory, x_refsource_DEBIAN | |
| https://usn.ubuntu.com/4459-1/ | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:40:15.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/commits/master", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", }, { name: "openSUSE-SU-2020:0357", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4459-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-19T18:06:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/commits/master", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", }, { name: "openSUSE-SU-2020:0357", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html", }, { name: "DSA-4676", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4676", }, { name: "USN-4459-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4459-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17361", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/commits/master", refsource: "MISC", url: "https://github.com/saltstack/salt/commits/master", }, { name: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix", }, { name: "openSUSE-SU-2020:0357", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html", }, { name: "DSA-4676", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4676", }, { name: "USN-4459-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4459-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17361", datePublished: "2020-01-17T01:16:29", dateReserved: "2019-10-08T00:00:00", dateUpdated: "2024-08-05T01:40:15.336Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20898
Vulnerability from cvelistv5
Published
2023-09-05 10:59
Modified
2025-02-13 16:40
Severity ?
EPSS score ?
Summary
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:21:33.182Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20898", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-30T15:44:22.047149Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-30T15:44:36.458Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Salt", vendor: "n/a", versions: [ { status: "affected", version: "Salt masters prior to 3005.2 or 3006.2", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.<br>", }, ], value: "Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Git Providers can read from the wrong environment because they get the same cache directory base name.", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-14T02:06:12.950Z", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security-announcements/2023-08-10-advisory/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2023-20898", datePublished: "2023-09-05T10:59:10.439Z", dateReserved: "2022-11-01T15:41:50.396Z", dateUpdated: "2025-02-13T16:40:10.201Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1010259
Vulnerability from cvelistv5
Published
2019-07-18 16:33
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534 | x_refsource_MISC | |
| https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a | x_refsource_MISC | |
| https://github.com/saltstack/salt/pull/51462 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:07:18.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/pull/51462", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Salt", vendor: "SaltStack", versions: [ { status: "affected", version: "2018.3, 2019.2 [fixed: 2018.3.4]", }, ], }, ], descriptions: [ { lang: "en", value: "SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.", }, ], problemTypes: [ { descriptions: [ { description: "SQL Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-13T17:48:32", orgId: "7556d962-6fb7-411e-85fa-6cd62f095ba8", shortName: "dwf", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/pull/51462", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve-assign@distributedweaknessfiling.org", ID: "CVE-2019-1010259", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Salt", version: { version_data: [ { version_value: "2018.3, 2019.2 [fixed: 2018.3.4]", }, ], }, }, ], }, vendor_name: "SaltStack", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "SQL Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534", refsource: "MISC", url: "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534", }, { name: "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a", refsource: "MISC", url: "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a", }, { name: "https://github.com/saltstack/salt/pull/51462", refsource: "MISC", url: "https://github.com/saltstack/salt/pull/51462", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7556d962-6fb7-411e-85fa-6cd62f095ba8", assignerShortName: "dwf", cveId: "CVE-2019-1010259", datePublished: "2019-07-18T16:33:35", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-05T03:07:18.507Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33226
Vulnerability from cvelistv5
Published
2023-02-17 00:00
Modified
2025-03-18 19:05
Severity ?
EPSS score ?
Summary
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:42:20.345Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/blob/master/salt/modules/status.py", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1208473", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-33226", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T19:05:32.849297Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T19:05:39.410Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-02T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/saltstack/salt/blob/master/salt/modules/status.py", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1208473", }, ], tags: [ "disputed", ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-33226", datePublished: "2023-02-17T00:00:00.000Z", dateReserved: "2021-05-20T00:00:00.000Z", dateUpdated: "2025-03-18T19:05:39.410Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21996
Vulnerability from cvelistv5
Published
2021-09-08 00:00
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Saltstack Salt |
Version: Saltstack Salt (before 3003.3) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:30:23.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20211119 [SECURITY] [DLA 2823-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html", }, { name: "[debian-lts-announce] 20211121 [SECURITY] [DLA 2823-2] salt regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Saltstack Salt", vendor: "n/a", versions: [ { status: "affected", version: "Saltstack Salt (before 3003.3)", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.", }, ], problemTypes: [ { descriptions: [ { description: "File traversal attack", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:44.448164", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", }, { name: "FEDORA-2021-00ada7e667", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", }, { name: "FEDORA-2021-93a7c8b7c6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", }, { name: "FEDORA-2021-158e9c6eb9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "[debian-lts-announce] 20211119 [SECURITY] [DLA 2823-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html", }, { name: "[debian-lts-announce] 20211121 [SECURITY] [DLA 2823-2] salt regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2021-21996", datePublished: "2021-09-08T00:00:00", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-08-03T18:30:23.641Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22941
Vulnerability from cvelistv5
Published
2022-03-29 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SaltStack Salt |
Version: SaltStack Salt prior to 3002.8, 3003.4, 3004.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:28:42.458Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/saltstack/salt/releases%2C", }, { tags: [ "x_transferred", ], url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SaltStack Salt", vendor: "n/a", versions: [ { status: "affected", version: "SaltStack Salt prior to 3002.8, 3003.4, 3004.1", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.", }, ], problemTypes: [ { descriptions: [ { description: "Salt Master allows configured users to target any of the minions connected to the syndic with their configured commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:40.983815", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", }, { url: "https://github.com/saltstack/salt/releases%2C", }, { url: "https://repo.saltproject.io/", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2022-22941", datePublished: "2022-03-29T00:00:00", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-08-03T03:28:42.458Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4439
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-16 16:18
Severity ?
EPSS score ?
Summary
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/10/18/3 | mailing-list, x_refsource_MLIST | |
| https://github.com/saltstack/salt/pull/7356 | x_refsource_CONFIRM | |
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.708Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/saltstack/salt/pull/7356", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/saltstack/salt/pull/7356", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { name: "https://github.com/saltstack/salt/pull/7356", refsource: "CONFIRM", url: "https://github.com/saltstack/salt/pull/7356", }, { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4439", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-09-16T16:18:55.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35662
Vulnerability from cvelistv5
Published
2021-02-27 00:00
Modified
2024-10-15 18:35
Severity ?
EPSS score ?
Summary
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:14.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2020-35662", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:16:09.306038Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-295", description: "CWE-295 Improper Certificate Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-15T18:35:19.373Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T13:06:28.688717", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", }, { name: "FEDORA-2021-904a2dbc0c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", }, { name: "FEDORA-2021-5756fbf8a6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", }, { name: "FEDORA-2021-43eb5584ad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", }, { name: "GLSA-202103-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-01", }, { name: "[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html", }, { name: "DSA-5011", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5011", }, { name: "GLSA-202310-22", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-22", }, ], source: { discovery: "INTERNAL", }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35662", datePublished: "2021-02-27T00:00:00", dateReserved: "2020-12-23T00:00:00", dateUpdated: "2024-10-15T18:35:19.373Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4437
Vulnerability from cvelistv5
Published
2013-11-05 18:00
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/10/18/3 | mailing-list, x_refsource_MLIST | |
| http://docs.saltstack.com/topics/releases/0.17.1.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.307Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to \"insecure Usage of /tmp.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-11-05T18:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4437", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to \"insecure Usage of /tmp.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/10/18/3", }, { name: "http://docs.saltstack.com/topics/releases/0.17.1.html", refsource: "CONFIRM", url: "http://docs.saltstack.com/topics/releases/0.17.1.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4437", datePublished: "2013-11-05T18:00:00Z", dateReserved: "2013-06-12T00:00:00Z", dateUpdated: "2024-09-17T04:04:59.755Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-9639
Vulnerability from cvelistv5
Published
2017-02-07 17:00
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/11/25/2 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/94553 | vdb-entry, x_refsource_BID | |
| https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/11/25/3 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:59:03.006Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20161125 CVE Request: salt confidentiality issue", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/2", }, { name: "94553", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94553", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", }, { name: "[oss-security] 20161125 Re: CVE Request: salt confidentiality issue", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-25T00:00:00", descriptions: [ { lang: "en", value: "Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-02-08T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20161125 CVE Request: salt confidentiality issue", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/2", }, { name: "94553", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94553", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", }, { name: "[oss-security] 20161125 Re: CVE Request: salt confidentiality issue", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/11/25/3", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9639", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20161125 CVE Request: salt confidentiality issue", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/11/25/2", }, { name: "94553", refsource: "BID", url: "http://www.securityfocus.com/bid/94553", }, { name: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", refsource: "CONFIRM", url: "https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key", }, { name: "[oss-security] 20161125 Re: CVE Request: salt confidentiality issue", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/11/25/3", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9639", datePublished: "2017-02-07T17:00:00", dateReserved: "2016-11-25T00:00:00", dateUpdated: "2024-08-06T02:59:03.006Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }