CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
61.7%
Severity: High
Date : 2017-01-31
CVE-ID : CVE-2017-5192 CVE-2017-5200
Package : salt
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-159
The package salt before version 2016.11.2-1 is vulnerable to multiple
issues including arbitrary code execution and arbitrary command
execution.
Upgrade to 2016.11.2-1.
The problems have been fixed upstream in version 2016.11.2.
None.
The LocalClient.cmd_batch()
method client does not accept
external_auth
credentials and so access to it from salt-api has been
removed for now. This vulnerability allows code execution for already-
authenticated users and is only in effect when running salt-api as the
root
user.
Salt-api allows arbitrary command execution on a salt-master via Salt’s
ssh_client. Users of Salt-API and salt-ssh could execute a command on
the salt master via a hole when both systems were enabled.
A remote attacker is able to execute arbitrary commands on a salt
master when salt is not configured properly. In addition, an
authenticated attacker is able to execute arbitrary code on the salt
stack if salt-api is run as root.
https://groups.google.com/forum/#!msg/salt-announce/eP_kQiQdnvo/6cvBrwsqCAAJ
https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
https://security.archlinux.org/CVE-2017-5192
https://security.archlinux.org/CVE-2017-5200
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
61.7%