Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.3 views

SUSE CVE-2017-12791

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID...

6.5CVSS6.9AI score0.04629EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2017:2666-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.04629EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2021/03/15 8:11 p.m.47 views

USN-4769-1: Salt vulnerabilities

It was discovered that Salt allowed remote attackers to write to arbitrary files via a special crafted file. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3563 Andreas Stieger discovered that Salt...

9.8CVSS7.9AI score0.05199EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.21 views

Photon OS 1.0: Salt PHSA-2018-1.0-0106

An update of the salt package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0106. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121806;...

9.8CVSS7.4AI score0.04629EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/11/27 12:0 a.m.35 views

FreeBSD : salt -- multiple vulnerabilities (50127e44-7b88-4ade-8e12-5d57320823f1)

SaltStack reports : Directory traversal vulnerability in minion id validation in SaltStack. Allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. Credit for discovering the security flaw goes to: Julian Brost [email protected]. NOTE: this...

9.8CVSS7.2AI score0.02739EPSS
Exploits0References7
Veracode
Veracode
added 2017/10/25 2:27 a.m.45 views

Directory Traversal

salt is vulnerable to directory traversal attacks. The attack is possible because of an incomplete fix for CVE-2017-12791. A malicious user can include escape characters and path separators into credentials when authenticating to a master to traverse the filesystem...

9.8CVSS9.2AI score0.04629EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2017/10/24 5:0 p.m.78 views

CVE-2017-14695

CVE-2017-14695 is a SaltStack Salt directory traversal vulnerability in minion_id validation. It affects Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2, enabling remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. This iss...

9.8CVSS9.1AI score0.02568EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.33 views

openSUSE Security Update : salt (openSUSE-2017-1183)

Salt was updated to 2017.7.2 and also to fix various bugs and security issues. See the following resources for the full changelog: https://docs.saltstack.com/en/develop/topics/releases/2017.7.2.html https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html...

9.8CVSS7.3AI score0.04629EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2017/10/11 12:0 a.m.24 views

SUSE SLES11 Security Update : salt (SUSE-SU-2017:2666-1)

This update for salt fixes one security issue and bugs. The following security issue has been fixed : - CVE-2017-12791: Directory traversal vulnerability in minion id validation allowed remote minions with incorrect credentials to authenticate to a master via a crafted minion ID bsc1053955. The...

9.8CVSS7.1AI score0.04629EPSS
Exploits0References7
OSV
OSV
added 2017/10/09 1:38 p.m.8 views

SUSE-SU-2017:2674-1 Security update for Salt

This update for salt fixes one security issue and bugs: The following security issue has been fixed: - CVE-2017-12791: Directory traversal vulnerability in minion id validation allowed remote minions with incorrect credentials to authenticate to a master via a crafted minion ID bsc1053955...

9.8CVSS9.3AI score0.04629EPSS
Exploits0References7
Rows per page
Query Builder