Lucene search

Saltstack Salt

10 matches found

Added 2023/09/05 11:15 a.m., 346 views

CVE-2023-20898

Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful ...

CVSS: 7.8, AI score: 5.7, EPSS: 0.00123

Added 2021/04/23 6:15 a.m., 276 views

CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff functio...

CVSS: 7.8, AI score: 7.8, EPSS: 0.04548

Added 2021/02/27 5:15 a.m., 246 views

CVE-2020-28243

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create files on the minion in a non-blacklisted directory.

CVSS: 7.8, AI score: 8.5, EPSS: 0.0188

Added 2021/02/27 5:15 a.m., 238 views

CVE-2020-35662

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.

CVSS: 7.4, AI score: 8.2, EPSS: 0.00727

Added 2021/09/08 3:15 p.m., 230 views

CVE-2021-21996

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source and source_hash URLs can gain full file system access as root on a salt minion.

CVSS: 7.5, AI score: 7.5, EPSS: 0.03028

Added 2014/08/22 5:55 p.m., 70 views

CVE-2014-3563

Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVSS: 7.2, AI score: 8.9, EPSS: 0.0014

Added 2017/10/24 5:29 p.m., 67 views

CVE-2017-14696

SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.

CVSS: 7.5, AI score: 8, EPSS: 0.02661

Added 2017/04/25 5:59 p.m., 61 views

CVE-2017-8109

The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).

CVSS: 7.8, AI score: 7.4, EPSS: 0.00047

Added 2013/11/05 6:55 p.m., 41 views

CVE-2013-4438

Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.

CVSS: 7.5, AI score: 7.7, EPSS: 0.0057

Added 2017/08/25 6:29 p.m., 36 views

CVE-2015-4017

Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.

CVSS: 7.5, AI score: 7.5, EPSS: 0.00311