Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

853 matches found

Tenable Nessus
Tenable Nessusadded 2021/09/10 12:0 a.m.29 views

Fedora 33 : salt (2021-93a7c8b7c6)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-93a7c8b7c6 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...

7.8CVSS7.6AI score0.04548EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2021/09/10 12:0 a.m.33 views

Fedora 34 : salt (2021-00ada7e667)

The remote Fedora 34 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-00ada7e667 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...

7.8CVSS7.6AI score0.04548EPSS
Exploits1References4
NVD
NVDadded 2021/09/08 3:15 p.m.13 views

CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.5CVSS0.02263EPSS
Exploits0References8
OSV
OSVadded 2021/09/08 3:15 p.m.23 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS6.3AI score
Exploits0References4
OSV
OSVadded 2021/09/08 3:15 p.m.23 views

CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.5CVSS7.6AI score
Exploits0References8
NVD
NVDadded 2021/09/08 3:15 p.m.12 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS0.0014EPSS
Exploits0References4
Prion
Prionadded 2021/09/08 3:15 p.m.27 views

Information disclosure

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.1CVSS7.4AI score0.02263EPSS
Exploits0References8Affected Software3
UbuntuCve
UbuntuCveadded 2021/09/08 3:15 p.m.24 views

CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.5CVSS7.1AI score0.02263EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2021/09/08 3:15 p.m.29 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS6.9AI score0.0014EPSS
Exploits0References2
PyPA
PyPAadded 2021/09/08 3:15 p.m.4 views

PYSEC-2021-346

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS6.9AI score0.0014EPSS
Exploits0References5Affected Software1
Prion
Prionadded 2021/09/08 3:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

4.4CVSS6.2AI score0.0014EPSS
Exploits0References4Affected Software2
OSV
OSVadded 2021/09/08 3:15 p.m.18 views

PYSEC-2021-346

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS2.6AI score0.0014EPSS
Exploits0References5
OSV
OSVadded 2021/09/08 3:15 p.m.0 views

UBUNTU-CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.5CVSS7.2AI score0.02263EPSS
Exploits0References3
OSV
OSVadded 2021/09/08 3:15 p.m.36 views

PYSEC-2021-318

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.5CVSS2.4AI score0.02263EPSS
Exploits0References2
Cvelist
Cvelistadded 2021/09/08 3:0 p.m.18 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.8AI score0.0014EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2021/09/08 3:0 p.m.25 views

CVE-2021-22004

Removed by vendor...

6.4CVSS7.9AI score0.0014EPSS
Exploits0
CVE
CVEadded 2021/09/08 3:0 p.m.135 views

CVE-2021-22004

Affected product: SaltStack Salt (before 3003.3). Vulnerability: the salt minion installer will accept a pre-existing minion config file at C:\salt\conf, enabling a malicious actor to subvert minion behavior (CVE-2021-22004). Related issues in the same Fedora/Nessus/OpenVAS records also reference...

6.4CVSS6.2AI score0.0014EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinuxadded 2021/09/08 3:0 p.m.21 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS6.4AI score0.0014EPSS
Exploits0
Cvelist
Cvelistadded 2021/09/08 12:0 a.m.16 views

CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a salt minion...

7.9AI score0.02263EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2021/09/08 12:0 a.m.27 views

CVE-2021-21996

Removed by vendor...

7.5CVSS8.5AI score0.02263EPSS
Exploits0
Rows per page
Query Builder