GitHub Advisory DatabaseGHSA-W2HR-3MC8-46GH

HistoryMay 24, 2022 - 5:43 p.m.

SaltStack Salt eauth tokens can be used once after expiration

2022-05-2417:43:23

CWE-613

GitHub Advisory Database

github.com

saltstack

eauth tokens

expiration

software security

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.4

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

Affected configurations

Vulners

Node

saltRange<2019.2.8

saltRange<3002.3

saltRange<3001.5

saltRange<3000.7

saltRange≤2018.3.5

saltRange<2017.7.8

saltRange<2016.11.10

saltRange<2016.11.5

saltRange<2015.8.13

VendorProductVersionCPE
*salt*cpe:2.3:a:*:salt:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
*	salt	*	cpe:2.3:a::salt::::::::*

References

github.com/advisories/GHSA-w2hr-3mc8-46gh

github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373

github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26

github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26

github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26

github.com/saltstack/salt/releases

lists.debian.org/debian-lts-announce/2021/11/msg00009.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5

lists.fedoraproject.org/archives/list/[email protected]/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB

lists.fedoraproject.org/archives/list/[email protected]/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH

lists.fedoraproject.org/archives/list/[email protected]/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5

nvd.nist.gov/vuln/detail/CVE-2021-3144

saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25

security.gentoo.org/glsa/202103-01

security.gentoo.org/glsa/202310-22

www.debian.org/security/2021/dsa-5011

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.4

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

Related for GHSA-W2HR-3MC8-46GH