Lucene search
Veracode Vulnerability DatabaseVERACODE:3580HistoryFeb 14, 2017 - 7:39 a.m.
Remote Code Execution (RCE)
2017-02-1407:39:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.002
Percentile
52.5%
salt is vulnerable to remote code execution (RCE). The library does not clear messages on the minion, meaning a malicious user can conduct a Man-in-the-Middle (MitM) attack to execute arbitrary code by inserting packets into the datastream.
Related
github
github
Salt Improper Access Control
2022-05-14 02:11:54
cvelist
cvelist
CVE-2016-1866
2016-04-12 14:00:00
osv
osv
Salt Improper Access Control
2022-05-14 02:11:54
PYSEC-2016-23
2016-04-12 14:59:00
nvd
nvd
CVE-2016-1866
2016-04-12 14:59:09
nessus
nessus
openSUSE Security Update : salt (openSUSE-2016-318)
2016-03-10 00:00:00
FreeBSD : salt -- code execution (0652005e-ca96-11e5-96d6-14dae9d210b8)
2016-02-04 00:00:00
debiancve
debiancve
CVE-2016-1866
2016-04-12 14:59:09
cve
cve
CVE-2016-1866
2016-04-12 14:59:09
freebsd
freebsd
salt -- code execution
2016-01-25 00:00:00
prion
prion
Code injection
2016-04-12 14:59:00
ubuntucve
ubuntucve
CVE-2016-1866
2016-04-12 00:00:00