3007.1
13 years ago
7 months ago
Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Directory Traversal via the How to fix Directory Traversal? Upgrade | [,3005.5) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Directory Traversal when establishing the syndic cache directory on the master. How to fix Directory Traversal? Upgrade | [,3005.5) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Improper Access Control. The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH. How to fix Improper Access Control? Upgrade | [,3005.4)[3006.0rc1,3006.4) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Information Exposure and other possible impacts, due to a hash collision when using Git Providers reading from different environments. If Git Providers read from the wrong environment because they get the same cache directory base name, they could get bad data or unintended data. This could also lead to wrongful executions, data corruption or a crash. How to fix Information Exposure? Upgrade | [,3005.2)[3006.0rc1,3006.2) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Denial of Service (DoS) in the error message decoding mechanism in minion return. If the request server receives a number of requests equal to the number of worker threads, the master will become unresponsive to return requests until it is restarted. How to fix Denial of Service (DoS)? Upgrade | [,3005.2)[3006.0rc1,3006.2) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Buffer Overflow via the How to fix Buffer Overflow? There is no fixed version for | [0,) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Denial of Service (DoS) in How to fix Denial of Service (DoS)? Upgrade | [,3004.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Access Restriction Bypass where a previously authorized user whose account is locked can still run Salt commands. This affects both local shell accounts with an active session and Workaround: If the user can not upgrade to the fixed version, it is possible to:
How to fix Access Restriction Bypass? Upgrade | [,3002.9)[3003,3003.5)[3004,3004.2) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Improper Access Control which allows users specified in the How to fix Improper Access Control? Upgrade | [,3002.8)[3003,3003.4)[3004,3004.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Denial of Service (DoS). A MiTM attacker to force a minion process to stop by impersonating a master. How to fix Denial of Service (DoS)? Upgrade | [,3002.8)[3003,3003.4)[3004,3004.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Access Restriction Bypass which can allow attackers to substitute arbitrary pillar data, because Salt Masters do not sign pillar data with the minion’s public key. How to fix Access Restriction Bypass? Upgrade | [,3002.8)[3003,3003.4)[3004,3004.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Authentication Bypass which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access to minion under certain scenarios. How to fix Authentication Bypass? Upgrade | [,3002.8)[3003,3003.4)[3004,3004.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to SQL Injection via the How to fix SQL Injection? Upgrade | [,2018.3.4)[2019.2.0,2019.2.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Privilege Escalation. A user who has control of the source and How to fix Privilege Escalation? Upgrade | [,3001.8)[3002rc1,3002.7)[3003rc1,3003.3) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Privilege Escalation. The The malicious actor must have access to a Windows system, permission to create directories and files on the root of the system drive, and create a malicious minion config at How to fix Privilege Escalation? Upgrade | [,3001.8)[3002rc1,3002.7)[3003rc1,3003.3) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Command Injection. The Salt-API’s SSH client is vulnerable to a shell injection by including How to fix Command Injection? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Improper Authorization. The SaltAPI does not honor eauth credentials for the How to fix Improper Authorization? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Directory Traversal. The How to fix Directory Traversal? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Server-side Template Injection (SSTI). The jinja renderer does not protect against server-side template injection attacks. This could be abused via the SaltAPI fix directory traversal in How to fix Server-side Template Injection (SSTI)? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Command Injection. A command injection in How to fix Command Injection? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Sensitive Data Exposure webutils write passwords in cleartext to How to fix Sensitive Data Exposure? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Man-in-the-Middle (MitM). The SaltStack Code base not validating SSL/TLS certificate of the server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack How to fix Man-in-the-Middle (MitM)? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Sensitive Data Exposure eauth tokens can be used once after expiration. How to fix Sensitive Data Exposure? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Local Privilege Escalation. A privilege escalation is possible on a SaltStack minion when an unprivileged user is able to create files in any non-blacklisted directory via a command injection in a process name. How to fix Local Privilege Escalation? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Improper Certificate Validation. Several places where Salt was not verifying the SSL cert by default. This has now been remediated. How to fix Improper Certificate Validation? Upgrade | [3002rc1,3002.5)[3001rc1,3001.6)[,3000.8) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Remote Code Execution (RCE). Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection. How to fix Remote Code Execution (RCE)? Upgrade | [,3000.4)[3001,3001.2) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Improper Access Control. When using the functions How to fix Improper Access Control? Upgrade | [,3000.4)[3001,3001.2)[3002,3002.1) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Directory Traversal. The wheel module contains commands used to read and write files under specific directory paths. The inputs to these functions are concatenated with the target directory and the resulting path is not canonicalized, leading to an escape of the intended path restriction. The get_token() method of the salt.tokens.localfs class (which is exposed to unauthenticated requests by the ClearFuncs class) fails to sanitize the token input parameter which is then used as a filename, allowing insertion of ".." path elements and thus reading of files outside of the intended directory. The only restriction is that the file has to be deserializable by salt.payload.Serial.loads(). How to fix Directory Traversal? Upgrade | [,2019.2.4)[3000,3000.2) |
salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable to Arbitrary Code Execution. The salt-master process How to fix Arbitrary Code Execution? Upgrade | [,2019.2.4)[3000,3000.2) |
salt is a Software to automate the management and configuration of any infrastructure or application at scale. Affected versions of this package are vulnerable to Directory Traversal via the How to fix Directory Traversal? Upgrade | [,2017.7.8)[2018.0,2018.3.3) |
salt is a software to automate the management and configuration of any infrastructure or application at scale. Affected versions of this package are vulnerable to Arbitrary Command Execution and Authentication Bypass via the How to fix Arbitrary Command Execution? Upgrade | [,2017.7.8)[2018.0.0,2018.3.3) |
salt is a Portable, distributed, remote execution and configuration management system. Affected versions of this package are vulnerable to Information Exposure. A malicious user could get password information via the debug logs. How to fix Information Exposure? Upgrade | [2015.5.0,2015.5.6)[2015.8.0,2015.8.1) |
salt is a Portable, distributed, remote execution and configuration management system. Affected versions of this package are vulnerable to Directory Traversal attacks. A remote attacker with incorrect credentials could authenticate to a master via a crafted minion ID. How to fix Directory Traversal? Upgrade | [,2016.11.7)[2017.7.0,2017.7.1) |
salt is a Portable, distributed, remote execution and configuration management system. Affected versions of this package are vulnerable to Credential Exposure. It copied permissions over configuration from the Salt Master without adjusting, which might leak credentials to local attackers on configured clients. How to fix Credential Exposure? Upgrade | [,2016.11.4) |
salt is a Portable, distributed, remote execution and configuration management system. Affected versions of this package are vulnerable to Authentication Bypass. When How to fix Authentication Bypass? Upgrade | [,2015.5.10)[2015.8.0,2015.8.8) |
salt is a Software to automate the management and configuration of any infrastructure or application at scale. Affected versions of this package are vulnerable to Client Impersonation. Compromised salt-minions can impersonate the salt-master. How to fix Client Impersonation? Upgrade | [,2016.3.6) |
Affected versions of the package are vulnerable to Information Disclosure. salt before 2015.5.5 leaks git usernames and passwords to the log. How to fix Information Exposure? Upgrade | [,2015.5.5) |
Affected versions of this package are vulnerable to Arbitrary Code Execution. When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed. | [,2015.8.13)[2016.3,2016.3.5)[2016.11,2016.11.2) |
Affected versions of this package are vulnerable to Arbitrary Code Execution. When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed. | [,2015.8.12)[2016.3,2016.3.5)[2016.11,2016.11.2) |
Affected versions of this package are vulnerable to Information Exposure. win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs. | [2015.5,2015.5.6)[2015.8,2015.8.1) |
Affected versions of this package are vulnerable to information Exposure. It allows deleted minions to read or write to minions with the same id, related to caching. | [,2015.8.11) |
Affected versions of this package are vulnerable to Information Exposure. The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file. | [,2015.8.3) |