Salt uses weak permissions on the cache data

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

CVE-2015-8034

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

UBUNTU-CVE-2015-8034

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

Design/Logic Flaw

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

CVE-2015-8034

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

CVE-2015-8034

CVE-2015-8034 affects Salt before version 2015.8.3, where the state.sls function stores cache data with weak permissions, allowing local attackers to read sensitive information. Connected sources confirm the underlying issue and note remediation via upgrading to Salt 2015.8.3 or later. If upgradi...

PT-2017-7315

Name of the Vulnerable Software and Affected Versions Salt versions prior to 2015.8.3 Description The issue concerns the state.sls function in Salt, which uses weak permissions on the cache data. This allows local users to obtain sensitive information by reading the file. Recommendations For...

Salt -- information disclosure

Salt release notes report: CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions This affects users of the state.sls function. The state run cache on the minion was being created with incorrect permissions. This file could potentially contain sensitive data that was inserte...