Lucene search
+L
SaltstackSalt3002

15 matches found

CVE
CVE
added 2020/11/06 7:27 a.m.1199 views

CVE-2020-16846

CVE-2020-16846 affects SaltStack Salt via the Salt API SSH Client. The issue allows an unauthenticated, network-accessible user to execute arbitrary commands by injecting shell commands through crafted requests to the Salt API when the SSH client is enabled. The vulnerability is cited across mult...

9.8CVSS9.3AI score0.99585EPSS
In wildWeb
CVE
CVE
added 2021/02/27 12:0 a.m.320 views

CVE-2021-25282

CVE-2021-25282 affects SaltStack Salt prior to 3002.5, where the salt.wheel.pillar_roots.write method is vulnerable to directory traversal in the Salt API wheelClient. This can allow writing to subdirectories via pillar_roots.write. Debian and Fedora advisories indicate patches and upgrades to Sa...

9.1CVSS9.1AI score0.92312EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.315 views

CVE-2021-25281

The CVE-2021-25281 issue affects SaltStack Salt prior to 3002.5, where salt-api does not honor eauth credentials for the wheel_async client. This auth bypass enables a remote attacker to run wheel modules on the master, potentially granting remote command execution and broader access. Public sour...

9.8CVSS9.2AI score0.72945EPSS
In wild
CVE
CVE
added 2021/02/27 12:0 a.m.310 views

CVE-2021-25283

CVE-2021-25283 concerns SaltStack Salt prior to 3002.5, where the jinja renderer fails to protect against server-side template injection attacks. The issue is documented across multiple sources: the initial description notes SSR risk; GitHub advisories and Gentoo/Fedora/Debian records reference t...

9.8CVSS9.4AI score0.10426EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.288 views

CVE-2021-3197

SaltStack Salt before 3002.5 is vulnerable in the salt-api ssh client to a shell injection via ProxyCommand or via ssh_options provided in API requests. Affected component: salt-api SSH handling; root cause: improper handling of ProxyCommand/ssh_options inputs leading to command injection. Impact...

9.8CVSS9.3AI score0.72327EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.284 views

CVE-2021-25284

CVE-2021-25284 affects SaltStack Salt prior to 3002.5, where salt.modules.cmdmod can log credentials to info or error logs. Exploitation details are not provided in the sources, but multiple advisories confirm credential leakage via logging within cmdmod. Remediation across sources centers on upg...

4.4CVSS6.5AI score0.00539EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.279 views

CVE-2021-3148

CVE-2021-3148 affects SaltStack Salt prior to 3002.5. Sending crafted web requests to the Salt API can trigger a command injection via salt.utils.thin.gen_thin() due to divergent handling of single vs. double quotes in salt/utils/thin.py. The vulnerability is documented across multiple advisories...

9.8CVSS9.4AI score0.08246EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.275 views

CVE-2021-3144

CVE-2021-3144 affects SaltStack Salt prior to 3002.5. The vulnerability allows eauth tokens to be used once after expiration, potentially enabling an attacker to execute commands against the salt-master or minions. In exposed advisories, the impact is remote command execution with high severity, ...

9.1CVSS9.3AI score0.05196EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.266 views

CVE-2020-28243

CVE-2020-28243 affects SaltStack Salt before 3002.5. The minion’s path restartcheck is vulnerable to command injection via a crafted process name, enabling local privilege escalation for any user who can create files on the minion in a non-blacklisted directory. The issue is documented across mul...

7.8CVSS8.5AI score0.04302EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.262 views

CVE-2020-35662

SaltStack Salt before 3002.5 does not consistently validate SSL certificates during authentication with certain modules. Affected: Salt (SaltStack Salt) core; root cause: SSL certificate validation is bypassed/not consistently enforced. Impact: potential exposure of credentials or sensitive data ...

7.4CVSS8.2AI score0.02954EPSS
CVE
CVE
added 2021/02/27 12:0 a.m.247 views

CVE-2020-28972

SaltStack Salt CVE-2020-28972 : A vulnerability in Salt before 3002.5 allows authentication to VMware vcenter, vSphere, and ESXi servers via the vmware.py code paths without always validating SSL/TLS certificates. The issue stems from improper certificate validation in the SSL/TLS verification fl...

5.9CVSS7.3AI score0.0309EPSS
CVE
CVE
added 2022/03/29 12:0 a.m.195 views

CVE-2022-22934

The CVE-2022-22934 issue affects SaltStack Salt versions before 3002.8, 3003.4, or 3004.1, where Salt Masters do not sign pillar data with the minion’s public key, enabling an attacker to substitute arbitrary pillar data. Connected advisories corroborate multiple vulnerability entries for Salt in...

8.8CVSS8.4AI score0.00861EPSS
CVE
CVE
added 2022/03/29 12:0 a.m.174 views

CVE-2022-22936

CVE-2022-22936 affects SaltStack Salt before versions 3002.8, 3003.4, and 3004.1. The issue allows replay attacks on job publishes and on file server replies, enabling an attacker to replay old jobs to minions. In certain scenarios, a craftier attacker could gain root access on a minion. Public s...

8.8CVSS8.4AI score0.00808EPSS
CVE
CVE
added 2022/03/29 12:0 a.m.157 views

CVE-2022-22941

CVE-2022-22941 affects SaltStack Salt prior to 3002.8, 3003.4, and 3004.1 when configured as a Master‑of‑Masters with a publisher_acl. A Syndic‑connected minion set can be targeted by a user in publisher_acl, and the Master can incorrectly treat no valid targets as valid, allowing that user to pu...

8.8CVSS8.4AI score0.01315EPSS
CVE
CVE
added 2022/03/29 12:0 a.m.135 views

CVE-2022-22935

The connected Nessus document for CVE-2022-22935 confirms a concrete vulnerability in SaltStack Salt prior to 3002.8, 3003.4, and 3004.1: a minion authentication denial-of-service that allows a MiTM attacker to impersonate the master and stop a minion process. No patch or remediation details are ...

4.3CVSS5.7AI score0.01586EPSS