An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

References

lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html

lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html

packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html

packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html

www.vmware.com/security/advisories/VMSA-2020-0009.html

docs.saltstack.com/en/latest/topics/releases/2019.2.4.html

github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst

lists.debian.org/debian-lts-announce/2020/05/msg00027.html

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG

usn.ubuntu.com/4459-1/

www.debian.org/security/2020/dsa-4676

githubexploit 13

alpinelinux 1

osv 6

cvelist 1

veracode 1

debiancve 1

ubuntucve 1

prion 1

nvd 1

nessus 21

redhatcve 1

cisa_kev 1

cve 1

github 1

trendmicroblog 1

debian 5

archlinux 1

cisco 1

thn 3

zdt 3

metasploit 2

openvas 14

freebsd 1

ubuntu 2

packetstorm 3

attackerkb 4

huawei 1

exploitdb 1

suse 4

vmware 1

checkpoint_advisories 1

threatpost 3

cisa 1

photon 4

rapid7blog 1

githubexploit

Exploit for CVE-2020-11651

2020-05-04 11:47:56

Exploit for CVE-2020-11651

2021-10-01 14:33:29

Exploit for CVE-2020-11651

2020-05-04 20:34:04

alpinelinux

CVE-2020-11651

2020-04-30 17:15:12

osv

CVE-2020-11651

2020-04-30 17:15:12

SaltStack Salt Unauthenticated Remote Code Execution

2022-05-24 17:16:59

salt - security update

2020-05-29 00:00:00

cvelist

CVE-2020-11651

2020-04-30 16:58:09

veracode

Authentication Bypass

2020-05-04 05:37:27

debiancve

CVE-2020-11651

2020-04-30 17:15:12

ubuntucve

CVE-2020-11651

2020-04-30 00:00:00

prion

Authentication flaw

2020-04-30 17:15:00

nvd

CVE-2020-11651

2020-04-30 17:15:12

nessus

SaltStack < 2019.2.4 / 3000.x < 3000.2 Authentication Bypass (CVE-2020-11651)

2020-05-08 00:00:00

SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:1150-1)

2020-04-30 00:00:00

SaltStack < 2019.2.4 / 3000.x < 3000.2 Multiple Vulnerabilities

2020-05-07 00:00:00

redhatcve

CVE-2020-11651

2020-05-06 17:39:55

cisa_kev

SaltStack Salt Authentication Bypass Vulnerability

2021-11-03 00:00:00

cve

CVE-2020-11651

2020-04-30 17:15:12

github

SaltStack Salt Unauthenticated Remote Code Execution

2022-05-24 17:16:59

trendmicroblog

This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers

2020-05-29 12:27:26

debian

[SECURITY] [DLA 2223-1] salt security update

2020-05-30 04:21:15

[SECURITY] [DSA 4676-2] salt security update

2020-05-07 20:16:07

[SECURITY] [DSA 4676-2] salt security update

2020-05-07 20:16:07

archlinux

[ASA-202005-1] salt: multiple issues

2020-05-05 00:00:00

cisco

SaltStack FrameWork Vulnerabilities Affecting Cisco Products

2020-05-28 16:00:00

thn

Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers

2020-05-01 13:04:00

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

2020-05-04 04:00:00

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems

2021-08-23 13:27:00

zdt

Saltstack 3000.1 Remote Code Execution Exploit

2020-05-07 00:00:00

Saltstack 3000.1 - Remote Code Execution Exploit

2020-05-04 00:00:00

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution Exploit

2020-05-12 00:00:00

metasploit

SaltStack Salt Master/Minion Unauthenticated RCE

2020-05-11 17:05:38

SaltStack Salt Master Server Root Key Disclosure

2020-05-11 17:05:38

openvas

SUSE: Security Advisory (SUSE-SU-2020:1150-1)

2021-06-09 00:00:00

Debian: Security Advisory (DLA-2223-1)

2020-05-31 00:00:00

Ubuntu: Security Advisory (USN-6849-1)

2024-06-26 00:00:00

freebsd

salt -- multiple vulnerabilities in salt-master process

2020-04-30 00:00:00

ubuntu

Salt vulnerabilities

2024-06-25 00:00:00

Salt vulnerabilities

2020-08-13 00:00:00

packetstorm

Saltstack 3000.1 Remote Code Execution

2020-05-05 00:00:00

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution

2020-05-12 00:00:00

SaltStack Salt Master Server Root Key Disclosure

2024-08-31 00:00:00

attackerkb

CVE-2020-11652

2020-04-30 00:00:00

CVE-2020-11651

2020-04-30 00:00:00

CVE-2020-25592 — SaltStack Authentication Bypass and Salt SSH Command Execution

2020-11-06 00:00:00

huawei

Security Advisory - Two Vulnerabilities in SaltStack Salt

2020-07-15 00:00:00

exploitdb

Saltstack 3000.1 - Remote Code Execution

2020-05-05 00:00:00

suse

Security update for salt (critical)

2020-04-30 00:00:00

Security update for salt (moderate)

2020-07-26 00:00:00

Security update for salt (critical)

2021-07-11 00:00:00

vmware

vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)

2020-05-08 00:00:00

checkpoint_advisories

Saltstack Salt Authentication Bypass (CVE-2020-11651; CVE-2020-11652)

2020-05-05 00:00:00

threatpost

Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack

2020-05-04 19:23:41

Salt Bugs Allow Full RCE as Root on Cloud Servers

2020-04-30 20:54:50

Hackers Compromise Cisco Servers Via SaltStack Flaws

2020-05-28 20:51:25

cisa

SaltStack Patches Critical Vulnerabilities in Salt

2020-05-01 00:00:00

photon

Critical Photon OS Security Update - PHSA-2020-0091

2020-05-15 00:00:00

Critical Photon OS Security Update - PHSA-2020-3.0-0091

2020-05-15 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0294

2020-05-14 00:00:00

rapid7blog

SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know

2020-11-10 14:22:33

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.975

Percentile

100.0%

JSON

Related for OSV:PYSEC-2020-102