salt@3003rc1 vulnerabilities

Portable, distributed, remote execution and configuration management system

Direct Vulnerabilities

Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Directory Traversal via the serve_file method, due to insufficient checks in the salt/fileserver/roots.py file.

How to fix Directory Traversal?

Upgrade salt to version 3005.5 or higher.

[,3005.5)
  • H
Directory Traversal

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Directory Traversal when establishing the syndic cache directory on the master.

How to fix Directory Traversal?

Upgrade salt to version 3005.5 or higher.

[,3005.5)
  • M
Improper Access Control

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Improper Access Control. The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH.

How to fix Improper Access Control?

Upgrade salt to version 3005.4, 3006.4 or higher.

[,3005.4)[3006.0rc1,3006.4)
  • M
Information Exposure

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Information Exposure and other possible impacts, due to a hash collision when using Git Providers reading from different environments. If Git Providers read from the wrong environment because they get the same cache directory base name, they could get bad data or unintended data. This could also lead to wrongful executions, data corruption or a crash.

How to fix Information Exposure?

Upgrade salt to version 3005.2, 3006.2 or higher.

[,3005.2)[3006.0rc1,3006.2)
  • H
Denial of Service (DoS)

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Denial of Service (DoS) in the error message decoding mechanism in minion return. If the request server receives a number of requests equal to the number of worker threads, the master will become unresponsive to return requests until it is restarted.

How to fix Denial of Service (DoS)?

Upgrade salt to version 3005.2, 3006.2 or higher.

[,3005.2)[3006.0rc1,3006.2)
  • H
Buffer Overflow

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Buffer Overflow via the status function.

How to fix Buffer Overflow?

There is no fixed version for salt.

[0,)
  • H
Denial of Service (DoS)

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Denial of Service (DoS) in junos ifconfig output parsing.

How to fix Denial of Service (DoS)?

Upgrade salt to version 3004.1 or higher.

[,3004.1)
  • H
Privilege Escalation

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Privilege Escalation. A user who has control of the source and source_hash URLs, can gain full file system access as root on a salt minion.

How to fix Privilege Escalation?

Upgrade salt to version 3001.8, 3002.7, 3003.3 or higher.

[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)
  • M
Privilege Escalation

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Privilege Escalation. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behavior of the given minion software.

The malicious actor must have access to a Windows system, permission to create directories and files on the root of the system drive, and create a malicious minion config at C:\salt\conf.

How to fix Privilege Escalation?

Upgrade salt to version 3001.8, 3002.7, 3003.3 or higher.

[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)