Saltstack: >> Salt >> 3000.3 Security Vulnerabilities
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
CVSS Score
7.8
EPSS Score
0.015
Published
2021-02-27
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
CVSS Score
5.9
EPSS Score
0.008
Published
2021-02-27
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
CVSS Score
7.4
EPSS Score
0.007
Published
2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
CVSS Score
9.8
EPSS Score
0.939
Published
2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
CVSS Score
9.1
EPSS Score
0.909
Published
2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
CVSS Score
9.8
EPSS Score
0.1
Published
2021-02-27
Page 2