Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-1866

Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.6%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
Products affected by CVE-2016-1866
  • Saltstack » Salt » Version: 2015.8.0
    cpe:2.3:a:saltstack:salt:2015.8.0
  • Saltstack » Salt » Version: 2015.8.1
    cpe:2.3:a:saltstack:salt:2015.8.1
  • Saltstack » Salt » Version: 2015.8.2
    cpe:2.3:a:saltstack:salt:2015.8.2
  • Saltstack » Salt » Version: 2015.8.3
    cpe:2.3:a:saltstack:salt:2015.8.3
  • Opensuse » Leap » Version: 42.1
    cpe:2.3:o:opensuse:leap:42.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved