Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Saltstack Subscribe
Filtered by product Salt 2018
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-1010259 1 Saltstack 2 Salt 2018, Salt 2019 2019-08-13 7.5 HIGH 9.8 CRITICAL
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.