190 matches found
CVE-2021-25283
CVE-2021-25283 concerns SaltStack Salt prior to 3002.5, where the jinja renderer fails to protect against server-side template injection attacks. The issue is documented across multiple sources: the initial description notes SSR risk; GitHub advisories and Gentoo/Fedora/Debian records reference t...
CVE-2020-28972
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers in the vmware.py files does not always validate the SSL/TLS certificate...
CVE-2021-3148
Removed by vendor...
CVE-2020-28243
Removed by vendor...
CVE-2020-28972
SaltStack Salt CVE-2020-28972: A vulnerability in Salt before 3002.5 allows authentication to VMware vCenter, vSphere, and ESXi servers via the vmware.py code paths without always validating SSL/TLS certificates. The issue stems from improper certificate validation in the SSL/TLS verification fl...
CVE-2021-25284
Removed by vendor...
CVE-2020-28243
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create files on the minion in a non-blacklisted directory...
CVE-2021-3148
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.genthin command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py...
CVE-2021-25281
Removed by vendor...
CVE-2021-25283
Removed by vendor...
Saltstack SaltStack Salt Path Traversal Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. The tool provides configuration management, remote execution, and other features. A path traversal vulnerability exists in SaltStack Salt versions prior to 3002.5. No detailed vulnerability details...
SaltStack Salt Code Injection Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. The tool provides configuration management, remote execution, and other features. A code injection vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from a failure of t...
SaltStack Salt Authorization Issues Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. The tool provides configuration management, remote execution, and other features. An authorization issue vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fa...
SaltStack Salt rest_cherrypy ssh_remote_port_forwards Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rest_cherrypy module. When parsing the ssh_remote_port_forwards parameter, the process do...
SaltStack Salt rest_cherrypy ssh_port Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rest_cherrypy module. When parsing the ssh_port parameter, the process does not properl...
SaltStack Salt rest_cherrypy ssh_options Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rest_cherrypy module. When parsing the ssh_options parameter, the process does not...
SaltStack Salt REST API Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt REST API Arbitrary Command Execution', 'Description' = %q This module exploits an authentication bypass and command injection in...
SaltStack Salt API Unauthorized Access Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. A security vulnerability exists in the SaltStack Salt API, which can be exploited by a remote attacker to submit a special request that can be used to gain unauthorized access to an application...
SaltStack Salt API Arbitrary Code Execution Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. An input validation vulnerability exists in the SaltStack Salt API that can be exploited by a remote attacker to submit a special request for unauthorized access to arbitrary code...
CVE-2020-17490
A flaw was found in Salt. The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. The highest threat from this vulnerability is to confidentiality...