Lucene search
Veracode Vulnerability DatabaseVERACODE:7645HistoryOct 25, 2018 - 5:21 a.m.
Remote Code Execution (RCE)
2018-10-2505:21:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.029 Low
EPSS
Percentile
90.9%
salt is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the improper processing of spaces in the file path which may allow RCE attacks.
References
lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
github.com/saltstack/salt/commit/8d1fc4f8e53af496b52b31341d67b4bd22567cba
github.com/saltstack/salt/pull/48866
groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ
groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ
lists.debian.org/debian-lts-announce/2020/07/msg00024.html
Related
osv
osv
SaltStack Salt Remote command execution and incorrect access control when using salt-api
2022-05-13 01:23:13
PYSEC-2018-30
2018-10-24 22:29:00
CVE-2018-15751
2018-10-24 22:29:00
prion
prion
Authentication flaw
2018-10-24 22:29:00
nvd
nvd
CVE-2018-15751
2018-10-24 22:29:00
ubuntucve
ubuntucve
CVE-2018-15751
2018-10-24 00:00:00
redhatcve
redhatcve
CVE-2018-15751
2019-12-23 21:44:34
github
github
alpinelinux
alpinelinux
CVE-2018-15751
2018-10-24 22:29:00
cve
cve
CVE-2018-15751
2018-10-24 22:29:00
cvelist
cvelist
CVE-2018-15751
2018-10-24 22:00:00
debiancve
debiancve
CVE-2018-15751
2018-10-24 22:29:00
nessus
nessus
FreeBSD : salt -- multiple vulnerabilities (4f7c6af3-6a2c-4ead-8453-04e509688d45)
2018-10-29 00:00:00
openSUSE Security Update : salt (openSUSE-2018-1569)
2018-12-19 00:00:00
Debian DLA-2294-1 : salt security update
2020-07-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for salt (openSUSE-SU-2018:4174-1)
2018-12-19 00:00:00
openSUSE: Security Advisory for salt (openSUSE-SU-2018:4174-1)
2018-12-19 00:00:00
openSUSE: Security Advisory for salt (openSUSE-SU-2018:4197-1)
2018-12-20 00:00:00
freebsd
freebsd
salt -- multiple vulnerabilities
2018-10-24 00:00:00
suse
suse
Security update for salt (moderate)
2018-12-19 21:10:06
Security update for salt (important)
2018-12-18 15:09:06
Security update for salt (moderate)
2020-07-26 00:00:00
debian
debian
[SECURITY] [DLA 2294-1] salt security update
2020-07-28 20:26:12
ubuntu
ubuntu
Salt vulnerabilities
2020-08-13 00:00:00
Salt vulnerabilities
2021-03-15 00:00:00
photon
photon