{"vulnerability": "CVE-2020-11652", "sightings": [{"uuid": "47bb28b8-d1f9-4878-8dc7-abcb5b72ec08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/5ebd4758-e128-45f5-b745-4be00a025876", "content": "", "creation_timestamp": "2020-05-14T15:56:28.000000Z"}, {"uuid": "65accd74-56fd-465d-a0ca-7b405d08ea23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "f16fa451-0b83-4c87-a4a9-6a63cc7eb9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "1730eb90-1252-4702-b804-21825c223a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970941", "content": "", "creation_timestamp": "2024-12-24T20:22:04.031314Z"}, {"uuid": "f98e0031-90e3-463a-a5cc-e4c8aee08c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:45.000000Z"}, {"uuid": "704989b4-80d1-48b7-afd1-6d8756cbeb98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:22.000000Z"}, {"uuid": "06d836cb-7fdb-4755-9bdd-5630fe75559c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "1391a887-449f-4568-aa01-5c7f66fd9113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/saltstack_salt_root_key.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "63a7794e-a462-48e4-b3f2-c36c31fb5654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/saltstack_salt_unauth_rce.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "8211cc8c-ff61-4729-ab97-e14f13b1a873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/saltstack-salt-hallintakehikossa-kriittisia-haavoittuvuuksia", "content": "", "creation_timestamp": "2020-05-03T19:21:42.000000Z"}, {"uuid": "f01ceca2-0d2d-416e-982b-7abeed33c422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://gist.github.com/kakairesteven/c933ab23280dded60023773c5d6d477a", "content": "", "creation_timestamp": "2026-01-24T11:15:40.000000Z"}, {"uuid": "955ab963-ef14-4c34-92c5-1126ec367fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-11652", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4fd341db-d261-44c5-9891-3f4531b0097b", "content": "", "creation_timestamp": "2026-02-02T12:29:01.569199Z"}, {"uuid": "04bd5ce9-72b6-4173-85ac-96d665a7a1fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "exploited", "source": "https://t.me/SecLabNews/7504", "content": "\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u0435\u0434\u0435\u0442\u0441\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0421\u0435\u0442\u044c \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c Salt, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432\u043d\u0443\u0442\u0440\u0438 \u0446\u0435\u043d\u0442\u0440\u043e\u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u043b\u043e\u0433\u043e\u0432 Ghost, \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2020-11651) \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 (CVE-2020-11652) \u0432 Salt \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\n\u041f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0431\u043b\u043e\u0433-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Ghost \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440", "creation_timestamp": "2020-05-05T09:45:03.000000Z"}, {"uuid": "473af933-83a6-4a22-9f47-381466ba2062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://t.me/arpsyndicate/1170", "content": "#ExploitObserverAlert\n\nCVE-2020-11652\n\nDESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.\n\nFIRST-EPSS: 0.973530000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T09:40:58.000000Z"}, {"uuid": "aed459f2-79d5-405a-ae36-7bcf952bc153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://t.me/arpsyndicate/191", "content": "#ExploitObserverAlert\n\nCVE-2020-11652\n\nDESCRIPTION: Exploit Observer has 47 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.\n\nFIRST-EPSS: 0.973530000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-17T03:39:16.000000Z"}, {"uuid": "04f5cfe7-0ea0-47c7-b895-a869faed22f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1055", "content": "#exploit\nCVE-2020-11651,\nCVE-2020-11652:\nCisco Modeling Labs Corporate Edition (CML)/Virtual Internet Routing Lab Personal Edition (VIRL-PE) - SaltStack Authorization Bypass\nhttps://labs.f-secure.com/advisories/saltstack-authorization-bypass", "creation_timestamp": "2024-10-22T16:50:13.000000Z"}]}