Lucene search
K

23 matches found

vulnersosv
vulnersosv
added 2024/11/14 6:30 a.m.5 views

elita (>=0.60.0 <=0.64.1), slskit (>=2020.1.1 <=2020.9.0) potentially affected by CVE-2023-34049 via salt (>=2014.1.10 <=3001.8.0)

salt PYPI version =2014.1.10, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2023-34049 Source advisory: OSV:GHSA-4277-M35Q-7C9W...

6.7CVSS6.9AI score0.00187EPSS
Exploits0
ubuntucve
ubuntucve
added 2024/11/14 5:15 a.m.25 views

CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References2
circl
circl
added 2024/11/14 4:24 a.m.8 views

CVE-2023-34049

creationtimestamp| type| source ---|---|--- 2024-11-14 04:24:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113479403082528116 2024-11-14 06:37:10+00:00| seen| https://t.me/cvedetector/10905...

6.7CVSS7.1AI score0.00187EPSS
Exploits0References2
cvelist
cvelist
added 2024/11/14 4:13 a.m.34 views

CVE-2023-34049 Salt security advisory release - 2023-OCT-27

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS0.00187EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/14 4:13 a.m.26 views

CVE-2023-34049 Salt security advisory release - 2023-OCT-27

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.8AI score0.00187EPSS
Exploits0References1
debiancve
debiancve
added 2024/11/14 4:13 a.m.32 views

CVE-2023-34049

Removed by vendor...

6.7CVSS7.3AI score0.00187EPSS
Exploits0
openvas
openvas
added 2024/03/04 12:0 a.m.21 views

openSUSE: Security Advisory for salt (SUSE-SU-2023:4388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References2
openvas
openvas
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for salt (SUSE-SU-2023:4386-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References2
openvas
openvas
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for salt (SUSE-SU-2023:4387-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References2
nessus
nessus
added 2023/12/14 12:0 a.m.17 views

SUSE SLES15 Security Update : SUSE Manager Salt Bundle (SUSE-SU-2023:4749-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4749-1 advisory. venv-salt-minion: Security fixes: CVE-2023-34049: Arbitrary code execution via symlink attack bsc1215157 Non security fixes: Add python dateutil module...

6.7CVSS7.2AI score0.00187EPSS
Exploits0References6
openvas
openvas
added 2023/11/10 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2023:4390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References7
openvas
openvas
added 2023/11/10 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2023:4389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References7
openvas
openvas
added 2023/11/10 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2023:4388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References7
nessus
nessus
added 2023/11/10 12:0 a.m.18 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2023:4389-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4389-1 advisory. Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack bsc1215157 Bugs fixed: - Fix optimizationorder opt to...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References7
nessus
nessus
added 2023/11/10 12:0 a.m.18 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : salt (SUSE-SU-2023:4387-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4387-1 advisory. - allows an attacker to force Salt-SSH to run their script fedora-all CVE-2023-34049 Note that Nessus has...

6.7CVSS7.1AI score0.00187EPSS
Exploits0References7
nessus
nessus
added 2023/11/10 12:0 a.m.29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : salt (SUSE-SU-2023:4388-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4388-1 advisory. - allows an attacker to force Salt-SSH to run their script fedora-all CVE-2023-34049 Note that Nessus has...

6.7CVSS7.1AI score0.00187EPSS
Exploits0References7
nessus
nessus
added 2023/11/10 12:0 a.m.21 views

SUSE SLES15 Security Update : SUSE Manager Server 4.3 (SUSE-SU-2023:4412-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4412-1 advisory. - Update to SUSE Manager 4.3.9 Debian 12 support as client New Update Notification jscSUMA-111 Monitoring: Grafana upgraded to 9.5.8 Update 'saltkey'...

6.7CVSS6.7AI score0.00187EPSS
Exploits0References26
nessus
nessus
added 2023/11/10 12:0 a.m.20 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2023:4390-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4390-1 advisory. Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack bsc1215157 Bugs fixed: - Fix optimizationorder opt to...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References7
osv
osv
added 2023/11/09 2:37 a.m.3 views

SUSE-SU-2023:4389-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack bsc1215157 Bugs fixed: - Fix optimizationorder opt to prevent testsuite fails - Improve salt.utils.json.findjson to avoid fails bsc1213293 - Use salt-call from sal...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References6
openvas
openvas
added 2023/11/08 12:0 a.m.18 views

Fedora: Security Advisory for salt (FEDORA-2023-89e8f3efc5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS6.6AI score0.00187EPSS
Exploits0References2
Rows per page
Query Builder