Lucene search

K

GoogleOSV:CVE-2017-5200

HistorySep 26, 2017 - 2:29 p.m.

CVE-2017-5200

2017-09-2614:29:00

Google

osv.dev

2

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.7%

Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt’s ssh_client.

CPENameOperatorVersion
salteq0.14.0
salteq2015.8.3
salteq0.9.3
salteq0.10.3
salteq2016.3.0rc0
salteq2015.8.8
salteq0.17
salteq0.10.2
salteq2014.7.6
salteq2015.8.4

Rows per page:

1-10 of 821

References

docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html

docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html

docs.saltstack.com/en/latest/topics/releases/2016.11.2.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.7%

Related for OSV:CVE-2017-5200

ubuntucve1 debiancve1 cvelist1 prion1 osv2 alpinelinux1 redhatcve1 cve1 github1 veracode1 openvas1 nessus4 archlinux1 photon2