8 matches found
CVE-2021-22004
An improper authentication flaw was found in SaltStack salt before version 3003.3. The Salt minion installer accepts and uses a minion config file at C:\salt\conf if that file is in place before the installer is run. This flaw allows a malicious actor to subvert the proper behavior of the given...
Fedora 34 : salt (2021-00ada7e667)
The remote Fedora 34 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-00ada7e667 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...
Fedora 33 : salt (2021-93a7c8b7c6)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-93a7c8b7c6 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...
Fedora: Security Advisory for salt (FEDORA-2021-93a7c8b7c6)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
elita (>=0.60.0 <=0.64.1), slskit (>=2020.1.1 <=2020.9.0) potentially affected by CVE-2021-22004 via salt (>=2014.1.10 <=3001.8.0)
salt PYPI version =2014.1.10, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2021-22004 Source advisory: OSV:PYSEC-2021-346...
CVE-2021-22004
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...
CVE-2021-22004
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...
CVE-2021-22004
Affected product: SaltStack Salt (before 3003.3). Vulnerability: the salt minion installer will accept a pre-existing minion config file at C:\salt\conf, enabling a malicious actor to subvert minion behavior (CVE-2021-22004). Related issues in the same Fedora/Nessus/OpenVAS records also reference...