Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

0day.today
0day.todayadded 2020/05/04 12:0 a.m.85 views

Saltstack 3000.1 - Remote Code Execution Exploit

Exploit Title: Saltstack 3000.1 - Remote Code Execution Exploit Author: Jasper Lievisse Adriaanse Vendor Homepage: https://www.saltstack.com/ Version: 3000.2, 2019.2.4, 2017., 2018. Tested on: Debian 10 with Salt 2019.2.0 CVE : CVE-2020-11651 and CVE-2020-11652 Discription: Saltstack authenticati...

9.8CVSS0.7AI score0.96405EPSS
Exploits24
Cvelist
Cvelistadded 2020/01/17 1:16 a.m.29 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.9AI score0.15106EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2019/07/29 12:0 a.m.5 views

PT-2020-3642 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 2019.2.3 SaltStack Salt versions prior to 2019.2.0 Description: The issue allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. This is due ...

9.8CVSS8.9AI score0.99585EPSS
Exploits37References116
Rows per page
Query Builder