CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

CVE-2021-25282

Removed by vendor...

CVE-2020-28972

In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers in the vmware.py files does not always validate the SSL/TLS certificate...

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

CVE-2021-25283

An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...

CVE-2020-35662

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...

CVE-2021-3197

Removed by vendor...

CVE-2020-28972

Removed by vendor...

CVE-2021-3197

SaltStack Salt before 3002.5 is vulnerable in the salt-api ssh client to a shell injection via ProxyCommand or via ssh_options provided in API requests. Affected component: salt-api SSH handling; root cause: improper handling of ProxyCommand/ssh_options inputs leading to command injection. Impact...

CVE-2021-25282

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal...

CVE-2021-25284

CVE-2021-25284 affects SaltStack Salt prior to 3002.5, where salt.modules.cmdmod can log credentials to info or error logs. Exploitation details are not provided in the sources, but multiple advisories confirm credential leakage via logging within cmdmod. Remediation across sources centers on upg...

CVE-2021-25284

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

CVE-2021-25282

CVE-2021-25282 affects SaltStack Salt prior to 3002.5, where the salt.wheel.pillar_roots.write method is vulnerable to directory traversal in the Salt API wheelClient. This can allow writing to subdirectories via pillar_roots.write. Debian and Fedora advisories indicate patches and upgrades to Sa...

CVE-2020-28972

SaltStack Salt CVE-2020-28972 : A vulnerability in Salt before 3002.5 allows authentication to VMware vcenter, vSphere, and ESXi servers via the vmware.py code paths without always validating SSL/TLS certificates. The issue stems from improper certificate validation in the SSL/TLS verification fl...

CVE-2021-25284

Removed by vendor...

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

CVE-2020-35662

Removed by vendor...

CVE-2021-3148

An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.genthin command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py...

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master. Recent assessments: kevthehermit at February 26, 2021 5:08pm UTC reported: Vulnerability This...