Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-17361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker...

9.8CVSS8.7AI score0.15106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:0684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.15106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.64 views

Ubuntu 16.04 LTS / 18.04 LTS : Salt vulnerabilities (USN-4459-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4459-1 advisory. It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract...

9.8CVSS8.6AI score0.96405EPSS
Exploits25References6
OpenVAS
OpenVAS
added 2020/08/15 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-4459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.96405EPSS
Exploits25References4
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.44 views

Debian: Security Advisory (DSA-4676-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.96405EPSS
Exploits25References6
OpenVAS
OpenVAS
added 2020/03/19 12:0 a.m.33 views

openSUSE: Security Advisory for salt (openSUSE-SU-2020:0357-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.8AI score0.15106EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/01/30 8:9 p.m.43 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS9.9AI score0.15106EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2020/01/29 12:0 a.m.34 views

[ASA-202001-7] salt: arbitrary command execution

Arch Linux Security Advisory ASA-202001-7 ========================================= Severity: Medium Date : 2020-01-29 CVE-ID : CVE-2019-17361 Package : salt Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1087 Summary ======= The package salt before...

9.8CVSS2AI score0.15106EPSS
Exploits0References4
NVD
NVD
added 2020/01/17 2:15 a.m.23 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS9.9AI score0.15106EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2020/01/17 2:15 a.m.4 views

elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2019-17361 via salt (=2014.1.10)

salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2019-17361 Source advisory: OSV:PYSEC-2020-177...

9.8CVSS7.2AI score0.15106EPSS
Exploits0
CVE
CVE
added 2020/01/17 1:16 a.m.285 views

CVE-2019-17361

CVE-2019-17361 affects Salt before 2019.2.3, where the salt-api NET API with the ssh client enabled is vulnerable to remote command execution. The vulnerability allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. Affected advi...

9.8CVSS9.8AI score0.15106EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2020/01/17 1:16 a.m.45 views

CVE-2019-17361

Removed by vendor...

9.8CVSS9.4AI score0.15106EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/01/17 1:16 a.m.44 views

CVE-2019-17361

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS10AI score0.15106EPSS
Exploits0
Rows per page
Query Builder