Lucene search
Veracode Vulnerability DatabaseVERACODE:5259HistoryOct 11, 2017 - 2:38 a.m.
Information Disclosure
2017-10-1102:38:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
25.3%
salt is vulnerable to information disclosure. The application logs user credentials when the git clone command is used, allowing a malicious user with access to logs to gain access to other user credentials.
References
Related
cve
cve
CVE-2015-6918
2017-10-10 16:29:00
debiancve
debiancve
CVE-2015-6918
2017-10-10 16:29:00
ubuntucve
ubuntucve
CVE-2015-6918
2017-10-10 00:00:00
osv
osv
PYSEC-2017-70
2017-10-10 16:29:00
salt vulnerabilities
2021-03-15 20:11:16
github
github
salt leaks git usernames and passwords to the log
2022-05-17 00:26:26
cvelist
cvelist
CVE-2015-6918
2017-10-10 16:00:00
prion
prion
Default credentials
2017-10-10 16:29:00
nvd
nvd
CVE-2015-6918
2017-10-10 16:29:00
nessus
nessus
FreeBSD : Salt -- multiple vulnerabilities (3934cc60-f0fa-4eca-be09-c8bd7ae42871)
2015-10-19 00:00:00
Ubuntu 16.04 ESM : Salt vulnerabilities (USN-4769-1)
2023-10-20 00:00:00
freebsd
freebsd
Salt -- multiple vulnerabilities
2015-10-16 00:00:00
ubuntu
ubuntu
Salt vulnerabilities
2021-03-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4769-1)
2023-01-27 00:00:00