Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2022/04/01 12:0 a.m.42 views

openSUSE 15 Security Update : salt (openSUSE-SU-2022:1059-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1059-1 advisory. - An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion...

8.8CVSS7.4AI score0.01586EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2022/03/31 12:0 a.m.17 views

openSUSE: Security Advisory for salt (openSUSE-SU-2022:1059-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.5AI score0.01586EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/31 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2022:1059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.5AI score0.01586EPSS
Exploits0References2
OSV
OSV
added 2022/03/30 3:33 p.m.10 views

SUSE-SU-2022:1059-1 Security update for salt

This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM bsc1197417 - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. bsc1197417 - CVE-2022-22936: Prevent job and fileserver replays bsc1197417 - CVE-2022-22941: Fixed targeting bug,...

8.8CVSS6.2AI score0.01586EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2022/03/30 12:0 a.m.3 views

elita (>=0.60.0 <=0.64.1), slskit (>=2020.1.1 <=2020.9.0) potentially affected by CVE-2022-22935 via salt (>=2014.1.10 <=3001.8.0)

salt PYPI version =2014.1.10, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2022-22935 Source advisory: OSV:GHSA-CVCC-5X92-GMHC...

4.3CVSS6.7AI score0.01586EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/03/30 12:0 a.m.25 views

SUSE SLED15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2022:1059-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1059-1 advisory. - CVE-2022-22935: Sign authentication replies to prevent MiTM bsc1197417 - CVE-2022-22934: Sign pillar data to...

8.8CVSS6.8AI score0.01586EPSS
Exploits0References10
CVE
CVE
added 2022/03/29 12:0 a.m.134 views

CVE-2022-22935

The connected Nessus document for CVE-2022-22935 confirms a concrete vulnerability in SaltStack Salt prior to 3002.8, 3003.4, and 3004.1: a minion authentication denial-of-service that allows a MiTM attacker to impersonate the master and stop a minion process. No patch or remediation details are ...

4.3CVSS5.7AI score0.01586EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder