Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal. CVE-2021-25282 No...

9.1CVSS7.2AI score0.92312EPSS
Exploits5References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-28243

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory...

8.4CVSS7.5AI score0.04302EPSS
Exploits2References32
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.2 views

SUSE CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS9.4AI score0.05196EPSS
Exploits0References32
PyPA
PyPA
added 2021/02/27 5:15 a.m.4 views

PYSEC-2021-75

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...

7.4CVSS6.9AI score0.02954EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2021/02/26 12:0 a.m.7 views

Saltstack SaltStack Salt 命令注入漏洞

SaltStack Salt is a new way to manage infrastructure, easy to deploy, up and running in minutes, scales well, easily manages tens of thousands of servers, and is fast enough to communicate between servers in seconds. SaltStack Salt A command injection vulnerability exists in the restart check for...

7.8CVSS7.1AI score0.04302EPSS
Exploits2References23
Positive Technologies
Positive Technologies
added 2016/11/21 12:0 a.m.5 views

PT-2021-5177 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to improper access restriction in SaltStack Salt, allowing a remote attacker to gain unauthorized access to restricted functions. Specifically, salt-api does not honor...

9.8CVSS7.5AI score0.99585EPSS
Exploits40References209
Positive Technologies
Positive Technologies
added 2016/11/21 12:0 a.m.11 views

PT-2021-2235 · Saltstack +4 · Saltstack Salt +6

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in the certificate authentication procedure on vCenter, vSphere, and ESXi servers. This can allow a remote attacker to perform a "man-in-the-middle" attack. T...

9.8CVSS7.4AI score0.99585EPSS
Exploits40References200
Rows per page
Query Builder