Lucene search
GoogleOSV:CVE-2022-22936HistoryMar 29, 2022 - 5:15 p.m.
CVE-2022-22936
2022-03-2917:15:15
Google
osv.dev
13
saltstack
replay attacks
root access
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.
Related
cve
cve
CVE-2022-22936
2022-03-29 17:15:15
prion
prion
Code injection
2022-03-29 17:15:00
alpinelinux
alpinelinux
CVE-2022-22936
2022-03-29 17:15:15
cvelist
cvelist
CVE-2022-22936
2022-03-29 00:00:00
osv
osv
PYSEC-2022-173
2022-03-29 17:15:00
SaltStack Salt Authentication Bypass by Capture-replay
2022-03-30 00:00:20
debiancve
debiancve
CVE-2022-22936
2022-03-29 17:15:15
ubuntucve
ubuntucve
CVE-2022-22936
2022-03-29 00:00:00
github
github
SaltStack Salt Authentication Bypass by Capture-replay
2022-03-30 00:00:20
nvd
nvd
CVE-2022-22936
2022-03-29 17:15:15
nessus
nessus
SUSE SLES15 Security Update : salt (SUSE-SU-2022:1060-1)
2022-03-31 00:00:00
SUSE SLES12 Security Update : salt (SUSE-SU-2022:1051-1)
2022-03-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1060-1)
2022-03-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1059-1)
2022-03-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1057-1)
2022-03-31 00:00:00
suse
suse
Security update for salt (important)
2022-03-30 00:00:00
gentoo
gentoo
Salt: Multiple Vulnerabilities
2023-10-31 00:00:00