Lucene search
K

11 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:43 p.m.19 views

SaltStack Salt eauth tokens can be used once after expiration

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS9.4AI score0.05196EPSS
Exploits0References19Affected Software1
OSV
OSV
added 2022/05/24 5:43 p.m.16 views

GHSA-W2HR-3MC8-46GH SaltStack Salt eauth tokens can be used once after expiration

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS9.4AI score0.05196EPSS
Exploits0References19
Veracode
Veracode
added 2021/03/01 5:52 a.m.23 views

Insecure Session Management

salt uses an insecure session management. The eauth tokens are not invalidated upon expiration, allowing usage thereafter and these session tokens can be used to run commands against the salt master and minions...

9.1CVSS3.3AI score0.05196EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2021/02/27 5:15 a.m.13 views

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS0.05196EPSS
Exploits0References9
OSV
OSV
added 2021/02/27 5:15 a.m.18 views

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS9.3AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2021/02/27 5:15 a.m.23 views

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS7.2AI score0.05196EPSS
Exploits0References3
Prion
Prion
added 2021/02/27 5:15 a.m.18 views

Command injection

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

7.5CVSS9.3AI score0.05196EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2021/02/27 5:15 a.m.18 views

PYSEC-2021-54

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS1.9AI score0.05196EPSS
Exploits0References7
Cvelist
Cvelist
added 2021/02/27 12:0 a.m.24 views

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.7AI score0.05196EPSS
Exploits0References9
CVE
CVE
added 2021/02/27 12:0 a.m.271 views

CVE-2021-3144

CVE-2021-3144 affects SaltStack Salt prior to 3002.5. The vulnerability allows eauth tokens to be used once after expiration, potentially enabling an attacker to execute commands against the salt-master or minions. In exposed advisories, the impact is remote command execution with high severity, ...

9.1CVSS9.3AI score0.05196EPSS
Exploits0References9Affected Software1
AlpineLinux
AlpineLinux
added 2021/02/27 12:0 a.m.34 views

CVE-2021-3144

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS9.6AI score0.05196EPSS
Exploits0
Rows per page
Query Builder