2 matches found
SUSE CVE-2021-3144
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...
PT-2021-5604 · Saltstack +2 · Saltstack Salt +2
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in processing authentication requests for expired eauth tokens. This could allow a remote attacker to execute arbitrary commands, potentially against the salt...