An improper authentication vulnerability affecting users running the Salt API exists due to a validation issue when calling Salt SSH via the salt-api, An unauthenticated, remote attacker could bypass authentication by supplying any value for eauth or token to gain the ability to run commands using Salt SSH.
Binary data saltstack_cve-2020-16846.nbin