Lucene search
GitHub Advisory DatabaseGHSA-XXVJ-8G5M-4QGWHistoryMay 17, 2022 - 1:22 a.m.
SaltStack Salt Directory traversal vulnerability in minion id validation
2022-05-1701:22:50
CWE-22
GitHub Advisory Database
github.com
2
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.
References
www.securityfocus.com/bid/100384
bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399
bugzilla.redhat.com/show_bug.cgi?id=1482006
docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html
docs.saltstack.com/en/latest/topics/releases/2017.7.1.html
github.com/advisories/GHSA-xxvj-8g5m-4qgw
github.com/saltstack/salt/pull/42944
nvd.nist.gov/vuln/detail/CVE-2017-12791
Related
freebsd
freebsd
salt -- Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master
2017-08-16 00:00:00
salt -- multiple vulnerabilities
2017-10-09 00:00:00
redhatcve
redhatcve
CVE-2017-12791
2017-08-16 09:48:52
CVE-2017-14695
2017-10-19 12:25:28
veracode
veracode
Directory Traversal
2017-08-22 08:22:23
Directory Traversal
2017-10-25 02:27:30
nessus
nessus
openSUSE Security Update : salt (openSUSE-2017-1016)
2017-09-13 00:00:00
FreeBSD : salt -- Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master (3531141d-a708-477c-954a-2a0549e49ca9)
2017-08-23 00:00:00
SUSE SLES11 Security Update : salt (SUSE-SU-2017:2666-1)
2017-10-11 00:00:00
archlinux
archlinux
[ASA-201708-17] salt: directory traversal
2017-08-23 00:00:00
osv
osv
SaltStack Salt Directory traversal vulnerability in minion id validation
2022-05-17 01:22:50
PYSEC-2017-35
2017-08-23 14:29:00
CVE-2017-12791
2017-08-23 14:29:00
cve
cve
CVE-2017-12791
2017-08-23 14:29:00
CVE-2017-14695
2017-10-24 17:29:00
cvelist
cvelist
CVE-2017-12791
2017-08-23 14:00:00
CVE-2017-14695
2017-10-24 17:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2666-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-4769-1)
2023-01-27 00:00:00
prion
prion
Directory traversal
2017-08-23 14:29:00
Directory traversal
2017-10-24 17:29:00
ubuntucve
ubuntucve
CVE-2017-12791
2017-08-23 00:00:00
CVE-2017-14695
2017-10-24 00:00:00
debiancve
debiancve
CVE-2017-12791
2017-08-23 14:29:00
CVE-2017-14695
2017-10-24 17:29:00
github
github
SaltStack Salt Directory traversal vulnerability in minion id validation
2022-05-17 00:24:32
photon
photon
ubuntu
ubuntu
Salt vulnerabilities
2021-03-15 00:00:00