CVE-2022-22935
Removed by vendor...
CVE-2022-22941
Removed by vendor...
CVE-2022-22934
Removed by vendor...
CVE-2022-22941
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...
Improper Authorization
Description: When configuring SaltStack to authenticate via the salt.auth.pam module, the check of account validity during authorization is missing. Therefore expired accounts, or accounts with expired passwords, can still log in. Proof of Concept: Configure salt with salt.auth.pam and run it with an expired...
SaltStack Minion 3000.x < 3001.8 / 3002.x < 3002.7 / 3003.x < 3003.3 RCE
According to its self-reported version number, the instance of SaltStack has a Minion component installed on the remote server and is affected by a remote code execution vulnerability. A remote, unauthorized attacker can trigger this exposure with a carefully crafted payload to gain full file...
CVE-2021-22004
An improper authentication flaw was found in SaltStack salt before version 3003.3. The Salt minion installer accepts and uses a minion config file at C:\salt\conf if that file is in place before the installer is run. This flaw allows a malicious actor to subvert the proper behavior of the given...
Exposure of Resource to Wrong Sphere in salt
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...
GHSA-PF7H-H2WQ-M7PG Exposure of Resource to Wrong Sphere in salt
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...
Debian DSA-5011-1 : salt - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5011 advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allo...
SaltStack Salt API SSH Client Command Injection (CVE-2020-16846)
A remote code execution vulnerability exists in SaltStack Salt API SSH Client. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Debian DLA-2815-1 : salt - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2815 advisory. Multiple security vulnerabilities have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server...
SaltStack Salt Authentication Bypass Vulnerability
SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote user to access some methods without authentication, which can be used to retrieve user tokens from the salt master and/...
SaltStack Salt Shell Injection Vulnerability
SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API...
SaltStack Salt Path Traversal Vulnerability
SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability...
SaltStack 3000.x < 3001.8 / 3002.x < 3002.7 / 3003.x < 3003.3 Privilege Escalation
According to its self-reported version number, the instance of SaltStack hosted on the remote server is affected by a command injection vulnerability that may result in privilege escalation. This vulnerability exists in the snapper module and allows for the possibility of local privilege escalati...
SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2021:3556-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3556-1 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system...
SUSE SLES15 Security Update : salt (SUSE-SU-2021:3555-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3555-1 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file syst...
SUSE SLES11 Security Update : SUSE Manager Client Tools (SUSE-SU-2021:14833-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:14833-1 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access ...
Exploit for OS Command Injection in Saltstack Salt
CVE-2020-16846-Saltstack-Salt-API Vulnerability Explained: An...