Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 12:24 a.m.4 views

elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2017-14695 via salt (=2014.1.10)

salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2017-14695 Source advisory: OSV:GHSA-J6GJ-PG62-X8J6...

9.8CVSS6.7AI score0.02568EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 8:11 p.m.47 views

USN-4769-1: Salt vulnerabilities

It was discovered that Salt allowed remote attackers to write to arbitrary files via a special crafted file. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3563 Andreas Stieger discovered that Salt...

9.8CVSS7.9AI score0.05199EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.21 views

Photon OS 1.0: Salt PHSA-2018-1.0-0106

An update of the salt package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0106. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121806;...

9.8CVSS7.4AI score0.04629EPSS
Exploits0References7
CVE
CVE
added 2017/10/24 5:0 p.m.78 views

CVE-2017-14695

CVE-2017-14695 is a SaltStack Salt directory traversal vulnerability in minion_id validation. It affects Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2, enabling remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. This iss...

9.8CVSS9.1AI score0.02568EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.33 views

openSUSE Security Update : salt (openSUSE-2017-1183)

Salt was updated to 2017.7.2 and also to fix various bugs and security issues. See the following resources for the full changelog: https://docs.saltstack.com/en/develop/topics/releases/2017.7.2.html https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html...

9.8CVSS7.3AI score0.04629EPSS
Exploits0References30
RedhatCVE
RedhatCVE
added 2017/10/19 12:25 p.m.27 views

CVE-2017-14695

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an...

9.8CVSS5AI score0.04629EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2017/10/09 12:0 a.m.26 views

[ASA-201710-12] salt: multiple issues

Arch Linux Security Advisory ASA-201710-12 ========================================== Severity: Medium Date : 2017-10-09 CVE-ID : CVE-2017-14695 CVE-2017-14696 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-438 Summary ======= The package salt before...

9.8CVSS1AI score0.02739EPSS
Exploits0References6
Rows per page
Query Builder