Shodan
Vulnerabilities
Vulnerable Software
Saltstack:  >> Salt  >> 0.11.0  Security Vulnerabilities
CVE-2021-3197
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
CVSS Score
9.8
EPSS Score
0.053
Published
2021-02-27
CVE-2020-28243
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
CVSS Score
7.8
EPSS Score
0.019
Published
2021-02-27
CVE-2020-28972
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
CVSS Score
5.9
EPSS Score
0.005
Published
2021-02-27
CVE-2020-35662
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
CVSS Score
7.4
EPSS Score
0.007
Published
2021-02-27
CVE-2021-25281
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
CVSS Score
9.8
EPSS Score
0.94
Published
2021-02-27
CVE-2021-25282
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
CVSS Score
9.1
EPSS Score
0.912
Published
2021-02-27
CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
CVSS Score
9.8
EPSS Score
0.074
Published
2021-02-27
CVE-2020-16846
Known exploited
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
CVSS Score
9.8
EPSS Score
0.944
Published
2020-11-06
CVE-2020-17490
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
CVSS Score
5.5
EPSS Score
0.0
Published
2020-11-06
CVE-2020-25592
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
CVSS Score
9.8
EPSS Score
0.582
Published
2020-11-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved