Lucene search
GoogleOSV:GHSA-CVCC-5X92-GMHCHistoryMar 30, 2022 - 12:00 a.m.
SaltStack Salt Improper Authentication via Man in the Middle Attack
2022-03-3000:00:20
Google
osv.dev
8
saltstack
authentication
vulnerability
denial of service
mitm
attack
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.
References
github.com/saltstack/salt
github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L31
github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L29
nvd.nist.gov/vuln/detail/CVE-2022-22935
saltproject.io/security_announcements/salt-security-advisory-release
security.gentoo.org/glsa/202310-22
Related
prion
prion
Authentication flaw
2022-03-29 17:15:00
redhatcve
redhatcve
CVE-2022-22935
2022-05-21 00:09:30
debiancve
debiancve
CVE-2022-22935
2022-03-29 17:15:15
ubuntucve
ubuntucve
CVE-2022-22935
2022-03-29 00:00:00
nvd
nvd
CVE-2022-22935
2022-03-29 17:15:15
osv
osv
CVE-2022-22935
2022-03-29 17:15:15
PYSEC-2022-172
2022-03-29 17:15:00
github
github
SaltStack Salt Improper Authentication via Man in the Middle Attack
2022-03-30 00:00:20
cvelist
cvelist
CVE-2022-22935
2022-03-29 00:00:00
alpinelinux
alpinelinux
CVE-2022-22935
2022-03-29 17:15:15
cve
cve
CVE-2022-22935
2022-03-29 17:15:15
nessus
nessus
SUSE SLES15 Security Update : salt (SUSE-SU-2022:1060-1)
2022-03-31 00:00:00
SUSE SLES12 Security Update : salt (SUSE-SU-2022:1051-1)
2022-03-31 00:00:00
SUSE SLES15 Security Update : salt (SUSE-SU-2022:1057-1)
2022-03-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1060-1)
2022-03-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1059-1)
2022-03-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1057-1)
2022-03-31 00:00:00
suse
suse
Security update for salt (important)
2022-03-30 00:00:00
gentoo
gentoo
Salt: Multiple Vulnerabilities
2023-10-31 00:00:00