Lucene search
DwfCVELIST:CVE-2019-1010259HistoryJul 18, 2019 - 4:33 p.m.
CVE-2019-1010259
2019-07-1816:33:35
dwf
www.cve.org
2
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.
CNA Affected
[
{
"product": "Salt",
"vendor": "SaltStack",
"versions": [
{
"status": "affected",
"version": "2018.3, 2019.2 [fixed: 2018.3.4]"
}
]
}
]Related
cve
cve
CVE-2019-1010259
2019-07-18 17:15:11
CVE-2019-1000033
2019-07-26 21:15:11
github
github
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function
2022-05-24 16:50:39
prion
prion
Sql injection
2019-07-18 17:15:00
veracode
veracode
SQL Injection
2019-07-19 03:16:26
nvd
nvd
CVE-2019-1010259
2019-07-18 17:15:11
CVE-2019-1000033
2019-07-26 21:15:11
osv
osv
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function
2022-05-24 16:50:39
PYSEC-2019-119
2019-07-18 17:15:00
debiancve
debiancve
CVE-2019-1010259
2019-07-18 17:15:11
ubuntucve
ubuntucve
CVE-2019-1010259
2019-07-18 00:00:00