SUSE CVE-2021-25284

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

GHSA-XXW3-765M-F37P SaltStack Salt Improper Authentication vulnerability

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

SaltStack Salt Command Injection Vulnerability (CNVD-2021-15056)

SaltStack Salt is a new way to manage infrastructure, easy to deploy, up and running in minutes, scales well, easily manages tens of thousands of servers, and is fast enough to communicate between servers in seconds. SaltStack Salt A command injection vulnerability exists in the restart check for...

PYSEC-2021-54

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

Saltstack SaltStack Salt 安全漏洞

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the ability to log...

Saltstack SaltStack Salt 信任管理问题漏洞

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the failure to alway...

Saltstack SaltStack Salt 信任管理问题漏洞

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fact that...

PT-2021-16500 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: An issue was discovered in SaltStack Salt where salt.modules.cmdmod can log credentials to the info or error log level. Recommendations: For versions prior to 3002.5, update to version 3002...

PT-2021-7507 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in the SSL certificate validation procedure during authentication to services using certain modules. This can allow a remote attacker to perform a...