Vulnerability Details: CVE-2017-8109
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
Vulnerability category: Information leak
Products affected by CVE-2017-8109
- cpe:2.3:a:saltstack:salt:2016.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11:*:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:saltstack:salt:2016.11.0:rc1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-8109
0.04%: Probability of exploitation activity in the next 30 days
~6%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-8109
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N | 3.9 | 2.9 | NIST | |
7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2017-8109
- The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8109
- https://bugzilla.suse.com/show_bug.cgi?id=1035912
  Bug 1035912 – VUL-0: CVE-2017-8109: salt: salt-ssh temporary files - insecure permissions (Issue Tracking; Patch)
- http://www.securityfocus.com/bid/98095
  SaltStack Salt CVE-2017-8109 Local Information Disclosure Vulnerability (Third Party Advisory; VDB Entry)
- https://github.com/saltstack/salt/issues/40075
  salt-ssh temporary files - insecure permissions · Issue #40075 · saltstack/salt · GitHub (Issue Tracking; Patch; Third Party Advisory)
- https://github.com/saltstack/salt/pull/40609
  stat_file when keep is set, instead of mirroring all file permissions by gtmanfred · Pull Request #40609 · saltstack/salt · GitHub (Issue Tracking; Patch; Third Party Advisory)
- https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658
  stat_file when keep is set, instead of mirroring all file permissions by gtmanfred · Pull Request #40609 · saltstack/salt · GitHub (Issue Tracking; Patch; Third Party Advisory)
- https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html
  Salt 2016.11.4 Release Notes (Patch; Release Notes; Vendor Advisory)