Lucene search
GoogleOSV:GHSA-XCX4-5WQ7-G5G7HistoryMay 17, 2022 - 2:46 a.m.
SaltStack Salt Information Exposure
2022-05-1702:46:54
Google
osv.dev
9
saltstack salt 2016.11.4
configuration leak
local attackers
EPSS
0
Percentile
5.1%
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
References
www.securityfocus.com/bid/98095
bugzilla.suse.com/show_bug.cgi?id=1035912
docs.saltstack.com/en/latest/topics/releases/2016.11.4.html
github.com/saltstack/salt
github.com/saltstack/salt/issues/40075
github.com/saltstack/salt/pull/40609
github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658
nvd.nist.gov/vuln/detail/CVE-2017-8109
Related
osv
osv
PYSEC-2017-82
2017-04-25 17:59:00
CVE-2017-8109
2017-04-25 17:59:00
debian
debian
Security Update for salt
2017-07-05 07:51:05
Security Update for salt
2017-07-05 08:00:25
debiancve
debiancve
CVE-2017-8109
2017-04-25 17:59:00
redhatcve
redhatcve
CVE-2017-8109
2017-04-26 09:18:18
ubuntucve
ubuntucve
CVE-2017-8109
2017-04-25 00:00:00
github
github
SaltStack Salt Information Exposure
2022-05-17 02:46:54
cvelist
cvelist
CVE-2017-8109
2017-04-25 17:00:00
cve
cve
CVE-2017-8109
2017-04-25 17:59:00
prion
prion
Code injection
2017-04-25 17:59:00
veracode
veracode
Information Disclosure
2017-04-28 03:27:00
nvd
nvd
CVE-2017-8109
2017-04-25 17:59:00
nessus
nessus
SUSE SLES11 Security Update : Salt (SUSE-SU-2017:1581-1)
2017-06-20 00:00:00
Photon OS 1.0: Salt PHSA-2018-1.0-0106
2019-02-07 00:00:00
Photon OS 1.0: Salt PHSA-2018-1.0-0106 (deprecated)
2018-08-17 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1581-1)
2021-06-09 00:00:00
photon
photon