CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before
2014.1.10 allow local users to have an unspecified impact via vectors
related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3)
salt-cloud.
docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
seclists.org/oss-sec/2014/q3/428
xforce.iss.net/xforce/xfdb/95392
github.com/saltstack/salt/commit/2b8953adcbf1527bb330b12c9d59f1753ecaf78d
github.com/saltstack/salt/commit/7d4c470f91fcb43f505bfd220605fede1041437c
launchpad.net/bugs/cve/CVE-2014-3563
nvd.nist.gov/vuln/detail/CVE-2014-3563
security-tracker.debian.org/tracker/CVE-2014-3563
www.cve.org/CVERecord?id=CVE-2014-3563