Saltstack Salt : Security vulnerabilities, CVEs published in 2018

Copy

CVE-2018-15751

SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

Max CVSS

9.8

EPSS Score

2.94%

Published

2018-10-24

Updated

2020-08-20

CVE-2018-15750

Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.

Max CVSS

5.3

EPSS Score

0.50%

Published

2018-10-24

Updated

2020-08-20

CVE-2017-7893

In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.

Max CVSS

9.8

EPSS Score

0.22%

Published

2018-04-23

Updated

2019-10-03

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!