GHSA-7wx3-vr2f-6p29

Опубликовано: 17 мая 2022

Источник: github

Github: Прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

SaltStack Privilege Escalation vulnerability

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.

Ссылки

Пакеты

Наименование

salt

pip

Затронутые версииВерсия исправления

>= 0.11.0, < 0.17.1

0.17.1

EPSS

Процентиль: 82%

0.01705

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2013-6617

Связанные уязвимости

CVE-2013-6617

ubuntu

больше 12 лет назад

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.

CVE-2013-6617

nvd

больше 12 лет назад

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.

CVE-2013-6617

debian

больше 12 лет назад

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not ...

EPSS

Процентиль: 82%

0.01705

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2013-6617