Lucene search
GitHub Advisory DatabaseGHSA-JMV9-5GX8-7XPFHistoryMay 17, 2022 - 4:58 a.m.
Minion identity not validated in saltstack
2022-05-1704:58:30
GitHub Advisory Database
github.com
7
saltstack
minion
identity validation
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
EPSS
0.001
Percentile
49.9%
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
Affected configurations
Node
saltRange<0.17.1
Related
nessus
nessus
Fedora 18 : salt-0.17.1-1.fc18 (2013-19354)
2013-10-28 00:00:00
Fedora 19 : salt-0.17.1-1.fc19 (2013-19356)
2013-10-27 00:00:00
Fedora 20 : salt-0.17.1-1.fc20 (2013-19438)
2013-11-11 00:00:00
openvas
openvas
Fedora Update for salt FEDORA-2013-19354
2013-10-28 00:00:00
Fedora Update for salt FEDORA-2013-19356
2013-10-28 00:00:00
Fedora Update for salt FEDORA-2013-19354
2013-10-28 00:00:00
osv
osv
Minion identity not validated in saltstack
2022-05-17 04:58:30
PYSEC-2013-14
2013-11-05 18:55:00
fedora
fedora
[SECURITY] Fedora 19 Update: salt-0.17.1-1.fc19
2013-10-27 03:53:29
[SECURITY] Fedora 19 Update: salt-0.17.1-1.fc19
2013-10-27 05:32:16
[SECURITY] Fedora 18 Update: salt-0.17.1-1.fc18
2013-10-27 05:35:52
cve
cve
CVE-2013-4439
2013-11-05 18:55:05
nvd
nvd
CVE-2013-4439
2013-11-05 18:55:05
cvelist
cvelist
CVE-2013-4439
2013-11-05 18:00:00
debiancve
debiancve
CVE-2013-4439
2022-10-03 16:14:58
prion
prion
Code injection
2013-11-05 18:55:00
ubuntucve
ubuntucve
CVE-2013-4439
2013-11-05 00:00:00
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
EPSS
0.001
Percentile
49.9%
Related for GHSA-JMV9-5GX8-7XPF