Lucene search
GoogleOSV:GHSA-XCX4-5WQ7-G5G7HistoryMay 17, 2022 - 2:46 a.m.
SaltStack Salt Information Exposure
2022-05-1702:46:54
Google
osv.dev
7
0.0004 Low
EPSS
Percentile
5.1%
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
References
www.securityfocus.com/bid/98095
bugzilla.suse.com/show_bug.cgi?id=1035912
docs.saltstack.com/en/latest/topics/releases/2016.11.4.html
github.com/saltstack/salt
github.com/saltstack/salt/issues/40075
github.com/saltstack/salt/pull/40609
github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658
nvd.nist.gov/vuln/detail/CVE-2017-8109
Related
redhatcve
redhatcve
CVE-2017-8109
2017-04-26 09:18:18
ubuntucve
ubuntucve
CVE-2017-8109
2017-04-25 00:00:00
debian
debian
Security Update for salt
2017-07-05 08:00:25
Security Update for salt
2017-07-05 07:51:05
veracode
veracode
Information Disclosure
2017-04-28 03:27:00
prion
prion
Code injection
2017-04-25 17:59:00
osv
osv
CVE-2017-8109
2017-04-25 17:59:00
PYSEC-2017-82
2017-04-25 17:59:00
nvd
nvd
CVE-2017-8109
2017-04-25 17:59:00
github
github
SaltStack Salt Information Exposure
2022-05-17 02:46:54
cve
cve
CVE-2017-8109
2017-04-25 17:59:00
cvelist
cvelist
CVE-2017-8109
2017-04-25 17:00:00
debiancve
debiancve
CVE-2017-8109
2017-04-25 17:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1581-1)
2021-06-09 00:00:00
nessus
nessus
SUSE SLES11 Security Update : Salt (SUSE-SU-2017:1581-1)
2017-06-20 00:00:00
Photon OS 1.0: Salt PHSA-2018-1.0-0106 (deprecated)
2018-08-17 00:00:00
Photon OS 1.0: Salt PHSA-2018-1.0-0106
2019-02-07 00:00:00
photon
photon