Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2022/01/18 11:45 a.m.24 views

CVE-2021-22004

An improper authentication flaw was found in SaltStack salt before version 3003.3. The Salt minion installer accepts and uses a minion config file at C:\salt\conf if that file is in place before the installer is run. This flaw allows a malicious actor to subvert the proper behavior of the given...

6.4CVSS4.6AI score0.00346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/09/10 12:0 a.m.34 views

Fedora 34 : salt (2021-00ada7e667)

The remote Fedora 34 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-00ada7e667 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...

7.8CVSS7.6AI score0.03808EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/09/10 12:0 a.m.30 views

Fedora 33 : salt (2021-93a7c8b7c6)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-93a7c8b7c6 advisory. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system acces...

7.8CVSS7.6AI score0.03808EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/09/10 12:0 a.m.19 views

Fedora: Security Advisory for salt (FEDORA-2021-93a7c8b7c6)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.2AI score0.03808EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2021/09/08 3:15 p.m.5 views

elita (>=0.60.0 <=0.64.1), slskit (>=2020.1.1 <=2020.9.0) potentially affected by CVE-2021-22004 via salt (>=2014.1.10 <=3001.8.0)

salt PYPI version =2014.1.10, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2021-22004 Source advisory: OSV:PYSEC-2021-346...

6.4CVSS6.9AI score0.00346EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/09/08 3:15 p.m.34 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.4CVSS6.9AI score0.00346EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/09/08 3:0 p.m.22 views

CVE-2021-22004

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software...

6.8AI score0.00346EPSS
Exploits0References4
CVE
CVE
added 2021/09/08 3:0 p.m.146 views

CVE-2021-22004

Affected product: SaltStack Salt (before 3003.3). Vulnerability: the salt minion installer will accept a pre-existing minion config file at C:\salt\conf, enabling a malicious actor to subvert minion behavior (CVE-2021-22004). Related issues in the same Fedora/Nessus/OpenVAS records also reference...

6.4CVSS6.2AI score0.00346EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder