An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

OSVersionArchitecturePackageVersionFilename
Debian11allsalt< 3000.2+dfsg1-1salt_3000.2+dfsg1-1_all.deb
Debian10allsalt< 2018.3.4+dfsg1-6+deb10u1salt_2018.3.4+dfsg1-6+deb10u1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	11	all	salt	< 3000.2+dfsg1-1	salt_3000.2+dfsg1-1_all.deb
Debian	10	all	salt	< 2018.3.4+dfsg1-6+deb10u1	salt_2018.3.4+dfsg1-6+deb10u1_all.deb

ubuntucve 1

veracode 1

osv 6

redhatcve 1

cve 1

prion 1

cisa_kev 1

githubexploit 6

alpinelinux 1

github 1

checkpoint_advisories 1

nessus 19

suse 4

debian 5

vmware 1

zdt 3

thn 2

attackerkb 2

cisa 1

threatpost 3

openvas 13

metasploit 2

freebsd 1

trendmicroblog 1

archlinux 1

cisco 1

packetstorm 2

huawei 1

photon 4

exploitdb 1

ubuntu 1

ubuntucve

CVE-2020-11652

2020-04-30 00:00:00

veracode

Arbitrary Directory Access

2020-05-04 04:38:10

osv

PYSEC-2020-103

2020-04-30 17:15:00

CVE-2020-11652

2020-04-30 17:15:12

SaltStack Salt is vulnerable Arbitrary Directory Access

2022-05-24 17:16:58

redhatcve

CVE-2020-11652

2020-05-06 17:40:11

cve

CVE-2020-11652

2020-04-30 17:15:00

prion

Improper access control

2020-04-30 17:15:00

cisa_kev

SaltStack Salt Path Traversal Vulnerability

2021-11-03 00:00:00

githubexploit

Exploit for Path Traversal in Saltstack Salt

2020-05-22 07:56:32

Exploit for Missing Authentication for Critical Function in Saltstack Salt

2020-05-01 20:53:49

Exploit for Missing Authentication for Critical Function in Saltstack Salt

2020-11-30 09:23:23

alpinelinux

CVE-2020-11652

2020-04-30 17:15:00

github

SaltStack Salt is vulnerable Arbitrary Directory Access

2022-05-24 17:16:58

checkpoint_advisories

Saltstack Salt Authentication Bypass (CVE-2020-11651; CVE-2020-11652)

2020-05-05 00:00:00

nessus

FreeBSD : salt -- multiple vulnerabilities in salt-master process (6bf55af9-973b-11ea-9f2c-38d547003487)

2020-05-18 00:00:00

openSUSE Security Update : salt (openSUSE-2020-564)

2020-05-04 00:00:00

Photon OS 3.0: Salt3 PHSA-2020-3.0-0091

2020-05-18 00:00:00

suse

Security update for salt (critical)

2020-04-30 00:00:00

Security update for salt (moderate)

2020-07-26 00:00:00

Security update for salt (critical)

2021-06-23 00:00:00

debian

[SECURITY] [DSA 4676-2] salt security update

2020-05-07 20:16:07

[SECURITY] [DSA 4676-2] salt security update

2020-05-07 20:16:07

[SECURITY] [DLA 2223-1] salt security update

2020-05-30 04:21:15

vmware

vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)

2020-05-08 00:00:00

zdt

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution Exploit

2020-05-12 00:00:00

Saltstack 3000.1 Remote Code Execution Exploit

2020-05-07 00:00:00

Saltstack 3000.1 - Remote Code Execution Exploit

2020-05-04 00:00:00

thn

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

2020-05-04 04:00:00

Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers

2020-05-01 13:04:00

attackerkb

CVE-2020-11651

2020-04-30 00:00:00

CVE-2020-11652

2020-04-30 00:00:00

cisa

SaltStack Patches Critical Vulnerabilities in Salt

2020-05-01 00:00:00

threatpost

Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack

2020-05-04 19:23:41

Salt Bugs Allow Full RCE as Root on Cloud Servers

2020-04-30 20:54:50

Hackers Compromise Cisco Servers Via SaltStack Flaws

2020-05-28 20:51:25

openvas

SUSE: Security Advisory (SUSE-SU-2020:1151-1)

2021-04-19 00:00:00

openSUSE: Security Advisory for salt (openSUSE-SU-2020:0564-1)

2020-05-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:1150-1)

2021-06-09 00:00:00

metasploit

SaltStack Salt Master Server Root Key Disclosure

2020-05-11 17:05:38

SaltStack Salt Master/Minion Unauthenticated RCE

2020-05-11 17:05:38

freebsd

salt -- multiple vulnerabilities in salt-master process

2020-04-30 00:00:00

trendmicroblog

This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers

2020-05-29 12:27:26

archlinux

[ASA-202005-1] salt: multiple issues

2020-05-05 00:00:00

cisco

SaltStack FrameWork Vulnerabilities Affecting Cisco Products

2020-05-28 16:00:00

packetstorm

Saltstack 3000.1 Remote Code Execution

2020-05-05 00:00:00

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution

2020-05-12 00:00:00

huawei

Security Advisory - Two Vulnerabilities in SaltStack Salt

2020-07-15 00:00:00

photon

Critical Photon OS Security Update - PHSA-2020-0091

2020-05-15 00:00:00

Critical Photon OS Security Update - PHSA-2020-3.0-0091

2020-05-15 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0294

2020-05-14 00:00:00

exploitdb

Saltstack 3000.1 - Remote Code Execution

2020-05-05 00:00:00

ubuntu

Salt vulnerabilities

2020-08-13 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.973 High

EPSS

Percentile

99.8%

JSON

Related for DEBIANCVE:CVE-2020-11652