Lucene search
+L

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-25281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can...

9.8CVSS7.2AI score0.72945EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2024/08/09 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.99585EPSS
Exploits13References4
vulnersOsv
vulnersOsv
added 2022/05/24 5:43 p.m.6 views

elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2021-25281 via salt (=2014.1.10)

salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2021-25281 Source advisory: OSV:GHSA-XXW3-765M-F37P...

9.8CVSS7.2AI score0.72945EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.61 views

SUSE SLES11 Security Update : salt (SUSE-SU-2021:14650-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14650-1 advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process...

9.8CVSS7.1AI score0.92312EPSS
Exploits8References33
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:14650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2021:0630-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:14682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2021:0631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:0628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.21 views

Fedora: Security Advisory for salt (FEDORA-2021-43eb5584ad)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2021/03/03 12:0 a.m.36 views

Fedora 32 : salt (2021-904a2dbc0c)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-904a2dbc0c advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name...

9.8CVSS7.1AI score0.92312EPSS
Exploits8References11
OpenVAS
OpenVAS
added 2021/03/03 12:0 a.m.23 views

Fedora: Security Advisory for salt (FEDORA-2021-904a2dbc0c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2021/03/01 12:0 a.m.34 views

openSUSE Security Update : salt (openSUSE-2021-347)

This update for salt fixes the following issues : - Fix regression on cmd.run when passing tuples as cmd bsc1182740 - Allow extrafilerefs as sanitized kwargs for SSH client - Fix errors with virt.update - Fix for multiple for security issues CVE-2020-28243 CVE-2020-28972 CVE-2020-35662...

9.8CVSS6.9AI score0.92312EPSS
Exploits8References22
OSV
OSV
added 2021/02/27 5:15 a.m.35 views

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

9.8CVSS9.4AI score
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2021/02/27 12:0 a.m.323 views

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master. Recent assessments: kevthehermit at February 26, 2021 5:08pm UTC reported: Vulnerability This...

9.8CVSS9.8AI score0.92312EPSS
Exploits6References9
CVE
CVE
added 2021/02/27 12:0 a.m.315 views

CVE-2021-25281

The CVE-2021-25281 issue affects SaltStack Salt prior to 3002.5, where salt-api does not honor eauth credentials for the wheel_async client. This auth bypass enables a remote attacker to run wheel modules on the master, potentially granting remote command execution and broader access. Public sour...

9.8CVSS9.2AI score0.72945EPSS
In wildExploits5References11Affected Software1
Cvelist
Cvelist
added 2021/02/27 12:0 a.m.29 views

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

9.6AI score0.72945EPSS
Exploits5References11
Tenable Nessus
Tenable Nessus
added 2021/02/27 12:0 a.m.63 views

Photon OS 3.0: Salt3 PHSA-2021-3.0-0200

An update of the salt3 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0200. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146874;...

9.8CVSS8AI score0.92312EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2021/02/27 12:0 a.m.59 views

Photon OS 1.0: Salt3 PHSA-2021-1.0-0364

An update of the salt3 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0364. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146877...

9.8CVSS7.7AI score0.92312EPSS
Exploits8References11
Circl
Circl
added 2021/02/26 10:46 a.m.10 views

CVE-2021-25281

creationtimestamp| type| source ---|---|--- 2021-02-26 10:46:06+00:00| seen| https://t.me/cKure/4084 2021-02-27 07:40:09+00:00| seen| https://t.me/cibsecurity/24281 2021-03-31 19:58:01+00:00| seen|...

9.8CVSS8.5AI score0.72945EPSS
Exploits5References6
Rows per page
Query Builder