The vulnerability of the configuration management system and remote execution capabilities of SaltStack Salt, related to errors in the certificate validation process, allows a perpetrator to carry out a “man-in-the-middle” attack.
The vulnerability of the configuration management system and the remote execution of operations in SaltStack Salt is related to errors in the certificate validation process on vCenter, vSphere, and ESXi servers. Exploiting this vulnerability allows a malicious actor to carry out a...