Lucene search
K

24 matches found

OpenVAS
OpenVAS
added 2024/08/09 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.99585EPSS
Exploits13References4
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.43 views

SUSE SLES11 Security Update : SUSE Manager Client Tools (SUSE-SU-2020:14538-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14538-1 advisory. - An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can resul...

9.8CVSS7.3AI score0.99585EPSS
Exploits5References13
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2020:3243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.99585EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2020:3155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.99585EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:3244-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.99585EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.33 views

Debian DSA-4837-1 : salt - security update

Several vulnerabilities were discovered in salt, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of Salt SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the Salt API using the SSH...

9.8CVSS7.4AI score0.99585EPSS
Exploits5References6
Debian
Debian
added 2021/01/24 3:29 p.m.83 views

[SECURITY] [DSA 4837-1] salt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4837-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 24, 2021 https://www.debian.org/security/faq -...

7.5CVSS1.3AI score0.99585EPSS
Exploits5
OpenVAS
OpenVAS
added 2020/12/05 12:0 a.m.12 views

Debian: Security Advisory (DLA-2480-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.99585EPSS
Exploits5References6
Debian
Debian
added 2020/12/04 5:33 p.m.66 views

[SECURITY] [DLA 2480-1] salt security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2480-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 04, 2020 https://wiki.debian.org/LTS -...

9.8CVSS9.4AI score0.99585EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.27 views

FreeBSD : salt -- multiple vulnerabilities (50259d8b-243e-11eb-8bae-b42e99975750)

SaltStack reports multiple security vulnerabilities in Salt 3002 : - CVE-2020-16846: Prevent shell injections in netapi ssh client. - CVE-2020-17490: Prevent creating world readable private keys with the tls execution module. - CVE-2020-25592: Properly validate eauth credentials and tokens along...

9.8CVSS7.4AI score0.99585EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.30 views

GLSA-202011-13 : Salt: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202011-13 Salt: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Salt. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

9.8CVSS7.2AI score0.99585EPSS
Exploits5References5
ArchLinux
ArchLinux
added 2020/11/10 12:0 a.m.52 views

[ASA-202011-7] salt: multiple issues

Arch Linux Security Advisory ASA-202011-7 ========================================= Severity: Critical Date : 2020-11-10 CVE-ID : CVE-2020-16846 CVE-2020-17490 CVE-2020-25592 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1262 Summary ======= The...

9.8CVSS1.1AI score0.99585EPSS
Exploits5References7
OpenVAS
OpenVAS
added 2020/11/08 12:0 a.m.18 views

openSUSE: Security Advisory for salt (openSUSE-SU-2020:1868-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.9AI score0.99585EPSS
Exploits5References4
OSV
OSV
added 2020/11/06 4:3 p.m.5 views

SUSE-SU-2020:3250-1 Security update for SUSE Manager 4.0

This security update for SUSE Manager 4.0 provides the following fixes: py26-compat-salt: - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846 spacewalk-java: - Use correct eauth module an...

9.8CVSS7.5AI score0.99585EPSS
Exploits5References7
NVD
NVD
added 2020/11/06 8:15 a.m.25 views

CVE-2020-17490

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions...

5.5CVSS6.5AI score0.00408EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2020/11/06 8:15 a.m.6 views

elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2020-17490 via salt (=2014.1.10)

salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2020-17490 Source advisory: OSV:PYSEC-2020-105...

5.5CVSS6.8AI score0.00408EPSS
Exploits0
CVE
CVE
added 2020/11/06 7:29 a.m.197 views

CVE-2020-17490

CVE-2020-17490 affects SaltStack Salt (TLS module) up to version 3002, where the TLS execution module creates certificates with weak file permissions. The root cause is improper permissions on certificate files, potentially exposing private keys and enabling unintended access to sensitive materia...

5.5CVSS7.1AI score0.00408EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2020/11/06 7:29 a.m.37 views

CVE-2020-17490

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions...

5.5CVSS7.5AI score0.00408EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/11/06 12:0 a.m.34 views

CVE-2020-17490

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions...

5.5CVSS6.8AI score0.00408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.31 views

Fedora 33 : salt (2020-5f08623da1)

Update to CVE release 3002.1-1 for Python3 Includes fixes for CVE-2020-16846, CVE-2020-17490, CVE-2020-25592 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it ...

9.8CVSS7.2AI score0.99585EPSS
Exploits5References4
Rows per page
Query Builder