Filtered by vendor Saltstack
Subscribe
Total
53 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-3144 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2021-11-23 | 7.5 HIGH | 9.1 CRITICAL |
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.) | |||||
CVE-2021-3148 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2021-11-23 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py. | |||||
CVE-2020-35662 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2021-11-23 | 5.8 MEDIUM | 7.4 HIGH |
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated. | |||||
CVE-2020-28972 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2021-11-23 | 4.3 MEDIUM | 5.9 MEDIUM |
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. | |||||
CVE-2020-25592 | 2 Debian, Saltstack | 2 Debian Linux, Salt | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH. | |||||
CVE-2020-17490 | 2 Debian, Saltstack | 2 Debian Linux, Salt | 2021-03-30 | 2.1 LOW | 5.5 MEDIUM |
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. | |||||
CVE-2018-15751 | 1 Saltstack | 1 Salt | 2020-08-19 | 7.5 HIGH | 9.8 CRITICAL |
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). | |||||
CVE-2018-15750 | 1 Saltstack | 1 Salt | 2020-08-19 | 5.0 MEDIUM | 5.3 MEDIUM |
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server. | |||||
CVE-2013-2228 | 1 Saltstack | 1 Saltstack | 2019-12-13 | 4.3 MEDIUM | 8.1 HIGH |
SaltStack RSA Key Generation allows remote users to decrypt communications | |||||
CVE-2017-7893 | 1 Saltstack | 1 Salt | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master. | |||||
CVE-2017-5200 | 1 Saltstack | 1 Salt | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client. | |||||
CVE-2019-1010259 | 1 Saltstack | 2 Salt 2018, Salt 2019 | 2019-08-13 | 7.5 HIGH | 9.8 CRITICAL |
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4. | |||||
CVE-2016-1866 | 2 Opensuse, Saltstack | 2 Leap, Salt | 2018-10-30 | 6.8 MEDIUM | 8.1 HIGH |
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream. | |||||
CVE-2015-4017 | 1 Saltstack | 1 Salt | 2018-08-13 | 5.0 MEDIUM | 7.5 HIGH |
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules. | |||||
CVE-2017-14696 | 1 Saltstack | 1 Salt | 2017-11-15 | 5.0 MEDIUM | 7.5 HIGH |
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request. | |||||
CVE-2017-14695 | 1 Saltstack | 1 Salt | 2017-11-14 | 7.5 HIGH | 9.8 CRITICAL |
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791. | |||||
CVE-2015-6918 | 1 Saltstack | 1 Salt 2015 | 2017-11-05 | 3.5 LOW | 6.3 MEDIUM |
salt before 2015.5.5 leaks git usernames and passwords to the log. | |||||
CVE-2017-5192 | 1 Saltstack | 1 Salt | 2017-10-06 | 6.5 MEDIUM | 8.8 HIGH |
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed. | |||||
CVE-2017-12791 | 1 Saltstack | 1 Salt | 2017-08-29 | 7.5 HIGH | 9.8 CRITICAL |
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. | |||||
CVE-2014-3563 | 1 Saltstack | 1 Salt | 2017-08-28 | 7.2 HIGH | N/A |
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud. |