Lucene search

[email protected]CVE-2020-11652

HistoryApr 30, 2020 - 5:15 p.m.

CVE-2020-11652

2020-04-3017:15:00

CWE-22

[email protected]

web.nvd.nist.gov

1124

In Wild

cve-2020-11652

saltstack

salt

nvd

clearfuncs class

directory access

authentication

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.8 High

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.973 High

EPSS

Percentile

99.8%

JSON

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CPENameOperatorVersion
saltstack:saltsaltstack saltlt3000.2
saltstack:saltsaltstack saltlt2019.2.4
opensuse:leapopensuse leapeq15.1
debian:debian_linuxdebian debian linuxeq8.0
debian:debian_linuxdebian debian linuxeq9.0
debian:debian_linuxdebian debian linuxeq10.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq18.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq16.04
blackberry:workspaces_serverblackberry workspaces servereq9.1.0
blackberry:workspaces_serverblackberry workspaces serverle7.1.3

CPE	Name	Operator	Version
saltstack:salt	saltstack salt	lt	3000.2
saltstack:salt	saltstack salt	lt	2019.2.4
opensuse:leap	opensuse leap	eq	15.1
debian:debian_linux	debian debian linux	eq	8.0
debian:debian_linux	debian debian linux	eq	9.0
debian:debian_linux	debian debian linux	eq	10.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	18.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	16.04
blackberry:workspaces_server	blackberry workspaces server	eq	9.1.0
blackberry:workspaces_server	blackberry workspaces server	le	7.1.3