EPSS
Percentile
52.5%
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
lists.opensuse.org/opensuse-updates/2016-03/msg00034.html
docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
github.com/saltstack/salt
nvd.nist.gov/vuln/detail/CVE-2016-1866