Lucene search
GoogleOSV:GHSA-Q27C-J6J9-53W3HistoryJun 27, 2024 - 9:30 a.m.
Directory creation by malicious user in saltstack
2024-06-2709:30:39
Google
osv.dev
1
saltstack
syndic cache
directory traversal
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can leadΒ a malicious attacker to create an arbitrary directory on a Salt master.
Related
alpinelinux
alpinelinux
CVE-2024-22231
2024-06-27 07:15:52
osv
osv
CVE-2024-22231
2024-06-27 07:15:52
veracode
veracode
Path Traversal
2024-02-06 17:59:45
cvelist
cvelist
nvd
nvd
CVE-2024-22231
2024-06-27 07:15:52
debiancve
debiancve
CVE-2024-22231
2024-06-27 07:15:52
github
github
Directory creation by malicious user in saltstack
2024-06-27 09:30:39
cve
cve
CVE-2024-22231
2024-06-27 07:15:52
nessus
nessus
SUSE SLES15 Security Update : salt (SUSE-SU-2024:0507-1)
2024-02-17 00:00:00
SUSE SLES15 Security Update : salt (SUSE-SU-2024:0508-1)
2024-02-17 00:00:00
SaltStack 3000 < 3005.5 / 3006 < 3006.6 Multiple Vulnerablities
2024-02-22 00:00:00
openvas
openvas
openSUSE: Security Advisory for salt (SUSE-SU-2024:0509-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0509-1)
2024-02-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0506-1)
2024-02-16 00:00:00
redos
redos
ROS-20240625-05
2024-06-25 00:00:00
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for OSV:GHSA-Q27C-J6J9-53W3