ALT-PU-2020-2668-2

BDU:2021-01900

CRITICAL9.8

Уязвимость компонента salt-netapi системы управления конфигурациями и удалённого выполнения операций Salt, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Published: 2021-04-06Modified: 2024-09-16

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2020-25592

BDU:2021-01902

MEDIUM5.5

Уязвимость модуля TLS системы управления конфигурациями и удалённого выполнения операций Salt, связанная с неправильным присвоением разрешений для критичного ресурса, позволяющая нарушителю получить доступ к конфиденциальным данным

Published: 2021-04-06Modified: 2024-09-16

CVSS 3.xMEDIUM 5.5

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2020-17490

BDU:2021-01903

CRITICAL9.8

Уязвимость системы управления конфигурациями и удалённого выполнения операций Salt, связанная с отсутствием мер по нейтрализации специальных элементов, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Published: 2021-04-06Modified: 2024-09-24

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2020-16846

BDU:2022-01766

HIGH7.5

Уязвимость системы управления конфигурациями и удалённого выполнения операций Salt, связанная с раскрытием информации в ошибочной области данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Published: 2022-04-05Modified: 2023-02-15

CVSS 3.xHIGH 7.5

CVSS:3.x/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:H/Au:S/C:C/I:C/A:C

References

CVE-2021-21996

CVE-2020-16846

CRITICAL9.8

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.

Published: 2020-11-06Modified: 2025-11-07

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2020-17490

MEDIUM5.5

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.

Published: 2020-11-06Modified: 2024-11-21

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2020-25592

CRITICAL9.8

In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.

Published: 2020-11-06Modified: 2024-11-21

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2021-21996

HIGH7.5

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.

Published: 2021-09-08Modified: 2024-11-21

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2021-22004

MEDIUM6.4

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.

Published: 2021-09-08Modified: 2024-11-21

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xMEDIUM 6.4

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

References

GHSA-29j3-2446-5j4w

CRITICAL9.8

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi

Published: 2022-05-24Modified: 2024-10-22

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

GHSA-3c56-vx6v-q5vh

MEDIUM5.5

SaltStack Salt Allows creating certificates with weak file permissions

Published: 2022-05-24Modified: 2024-10-22

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

GHSA-pf7h-h2wq-m7pg

HIGH7.5

Exposure of Resource to Wrong Sphere in salt

Published: 2021-11-21Modified: 2024-10-22

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

GHSA-qr38-h96j-2j3w

CRITICAL9.8

SaltStack Salt Command Injection in netapi ssh client

Published: 2022-05-24Modified: 2025-10-22

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

References

GHSA-xf37-qcvf-7m57

HIGH7.5

Improper Authentication in SaltStack Salt

Published: 2022-05-24Modified: 2024-10-27

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0HIGH 7.5

CVSS:4.0/CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

Package update salt in branch sisyphus

Closed issues (14)

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.

In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi

SaltStack Salt Allows creating certificates with weak file permissions

Exposure of Resource to Wrong Sphere in salt

SaltStack Salt Command Injection in netapi ssh client

Improper Authentication in SaltStack Salt