Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SALTSTACK_CVE-2020-16846.NBINHistoryFeb 15, 2021 - 12:00 a.m.
SaltStack Unauthenticated RCE (direct check)
2021-02-1500:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
An improper authentication vulnerability affecting users running the Salt API exists due to a validation issue when calling Salt SSH via the salt-api, An unauthenticated, remote attacker could bypass authentication by supplying any value for eauth or token to gain the ability to run commands using Salt SSH.
Binary data saltstack_cve-2020-16846.nbinRelated
veracode
veracode
Shell Injection
2020-11-10 05:27:00
checkpoint_advisories
checkpoint_advisories
SaltStack Salt API SSH Client Command Injection (CVE-2020-16846)
2021-11-16 00:00:00
osv
osv
SaltStack Salt Command Injection in netapi ssh client
2022-05-24 17:33:18
CVE-2020-16846
2020-11-06 08:15:13
PYSEC-2020-104
2020-11-06 08:15:00
debiancve
debiancve
CVE-2020-16846
2020-11-06 08:15:00
cve
cve
CVE-2020-16846
2020-11-06 08:15:00
zdi
zdi
prion
prion
Design/Logic Flaw
2020-11-06 08:15:00
redhatcve
redhatcve
CVE-2020-16846
2020-11-06 17:29:13
githubexploit
githubexploit
Exploit for OS Command Injection in Saltstack Salt
2021-10-14 10:09:48
metasploit
metasploit
SaltStack Salt REST API Arbitrary Command Execution
2020-11-11 19:09:26
cisa_kev
cisa_kev
SaltStack Salt Shell Injection Vulnerability
2021-11-03 00:00:00
alpinelinux
alpinelinux
CVE-2020-16846
2020-11-06 08:15:00
ubuntucve
ubuntucve
CVE-2020-16846
2020-11-06 00:00:00
nuclei
nuclei
SaltStack <=3002 - Shell Injection
2020-11-18 17:21:07
github
github
SaltStack Salt Command Injection in netapi ssh client
2022-05-24 17:33:18
packetstorm
packetstorm
SaltStack Salt REST API Arbitrary Command Execution
2020-11-12 00:00:00
zdt
zdt
SaltStack Salt REST API Arbitrary Command Execution Exploit
2020-11-12 00:00:00
suse
suse
Security update for salt (critical)
2020-11-05 00:00:00
Security update for salt (critical)
2020-11-07 00:00:00
attackerkb
attackerkb
CVE-2020-16846 — SaltStack Unauthenticated Shell Injection
2020-11-06 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:3243-1)
2020-12-09 00:00:00
SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:3155-1)
2020-12-09 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4837-1)
2021-01-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3243-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for salt (openSUSE-SU-2020:1833-1)
2020-11-06 00:00:00
debian
debian
[SECURITY] [DSA 4837-1] salt security update
2021-01-24 15:29:40
[SECURITY] [DLA 2480-1] salt security update
2020-12-04 17:33:51
[SECURITY] [DSA 4837-1] salt security update
2021-01-24 15:29:40
rapid7blog
rapid7blog
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know
2020-11-10 14:22:33
Metasploit Wrap-Up
2020-11-13 19:08:01
gentoo
gentoo
Salt: Multiple vulnerabilities
2020-11-11 00:00:00
archlinux
archlinux
[ASA-202011-7] salt: multiple issues
2020-11-10 00:00:00
freebsd
freebsd
salt -- multiple vulnerabilities
2020-11-06 00:00:00
Related for SALTSTACK_CVE-2020-16846.NBIN