Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-22934

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.8
Products affected by CVE-2022-22934
  • Saltstack » Salt » Version: 3002
    cpe:2.3:a:saltstack:salt:3002
  • Saltstack » Salt » Version: 3002.1
    cpe:2.3:a:saltstack:salt:3002.1
  • Saltstack » Salt » Version: 3002.2
    cpe:2.3:a:saltstack:salt:3002.2
  • Saltstack » Salt » Version: 3002.3
    cpe:2.3:a:saltstack:salt:3002.3
  • Saltstack » Salt » Version: 3002.4
    cpe:2.3:a:saltstack:salt:3002.4
  • Saltstack » Salt » Version: 3002.5
    cpe:2.3:a:saltstack:salt:3002.5
  • Saltstack » Salt » Version: 3002.6
    cpe:2.3:a:saltstack:salt:3002.6
  • Saltstack » Salt » Version: 3002.7
    cpe:2.3:a:saltstack:salt:3002.7
  • Saltstack » Salt » Version: 3003
    cpe:2.3:a:saltstack:salt:3003
  • Saltstack » Salt » Version: 3003.1
    cpe:2.3:a:saltstack:salt:3003.1
  • Saltstack » Salt » Version: 3003.2
    cpe:2.3:a:saltstack:salt:3003.2
  • Saltstack » Salt » Version: 3003.3
    cpe:2.3:a:saltstack:salt:3003.3
  • Saltstack » Salt » Version: 3004
    cpe:2.3:a:saltstack:salt:3004


Products
Pricing
Contact Us

Shodan ® - All rights reserved