Описание
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| salt | fixed | 3002.5+dfsg1-1 | package | |
| salt | fixed | 2018.3.4+dfsg1-6+deb10u3 | buster | package |
Примечания
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
Introduced by: https://github.com/saltstack/salt/commit/fc9267afa3a7ecaae3ef446575072e0e5d51d8b7 (v2016.3)
Fixed by: https://github.com/saltstack/salt/commit/6ae64c6b15cb7f43b57f564a0cb8a0e426cc183a (v3000.7 backport)
EPSS
Связанные уязвимости
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
SaltStack Salt command injection in the Salt-API when using the Salt-SSH client
Уязвимость функции salt.utils.thin.gen_thin() системы управления конфигурациями и удалённого выполнения операций SaltStack Salt, позволяющая нарушителю выполнять произвольные команды в целевой системе
EPSS