853 matches found
CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
CVE-2021-25283
Removed by vendor...
CVE-2021-25281
Removed by vendor...
CVE-2021-25281
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master. Recent assessments: kevthehermit at February 26, 2021 5:08pm UTC reported: Vulnerability This...
CVE-2021-25284
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...
CVE-2021-3148
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.genthin command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py...
Exploit for Improper Authentication in Saltstack Salt
CVE-2021-25281...
SaltStack Salt Path Traversal Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A path traversal vulnerability exists in SaltStack Salt versions prior to 3002.5. No detailed vulnerability details...
Saltstack SaltStack Salt 安全漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the ability to log...
Saltstack SaltStack Salt 路径遍历漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A path traversal vulnerability exists in SaltStack Salt versions prior to 3002.5. No detailed vulnerability details...
Saltstack SaltStack Salt 授权问题漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. An authorization issue vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fa...
Saltstack SaltStack Salt 命令注入漏洞
SaltStack Salt is a new way to manage infrastructure, easy to deploy, up and running in minutes, scales well, easily manages tens of thousands of servers, and is fast enough to communicate between servers in seconds. A command injection vulnerability exists in SaltStack Salt versions prior to Sal...
Saltstack SaltStack Salt 命令注入漏洞
SaltStack Salt is a new way to manage infrastructure, easy to deploy, up and running in minutes, scales well, easily manages tens of thousands of servers, and is fast enough to communicate between servers in seconds. SaltStack Salt A command injection vulnerability exists in the restart check for...
Saltstack SaltStack Salt 代码问题漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fact that eaut...
Saltstack SaltStack Salt 代码注入漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A code injection vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from a failure of t...
Saltstack SaltStack Salt 注入漏洞
SaltStack Salt is a new way to manage infrastructure, easy to deploy, up and running in minutes, scales well, easily manages tens of thousands of servers, and is fast enough to communicate between servers in seconds. A shell injection vulnerability exists in the ssh client of the salt-api in...
Saltstack SaltStack Salt 信任管理问题漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fact that...
Saltstack SaltStack Salt 信任管理问题漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the failure to alway...
SaltStack Salt Code Injection Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A code injection vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from a failure of t...
SaltStack Salt Authorization Issues Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. An authorization issue vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fa...