exploitDog

CVE-2020-28243

Опубликовано: 27 фев. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

Ссылки

https://github.com/stealthcopter/CVE-2020-28243
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
Mailing List
Third Party Advisory
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
Vendor Advisory
https://sec.stealthcopter.com/cve-2020-28243/
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202103-01
Third Party Advisory
https://security.gentoo.org/glsa/202310-22
Third Party Advisory
https://www.debian.org/security/2021/dsa-5011
Third Party Advisory
https://github.com/stealthcopter/CVE-2020-28243
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
Mailing List
Third Party Advisory
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
Vendor Advisory
https://sec.stealthcopter.com/cve-2020-28243/
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202103-01
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия до 2015.8.10 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2015.8.11 (включая) до 2015.8.13 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.3.0 (включая) до 2016.3.4 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.3.5 (включая) до 2016.3.6 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.3.7 (включая) до 2016.3.8 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.3.9 (включая) до 2016.11.3 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.11.4 (включая) до 2016.11.5 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2016.11.7 (включая) до 2016.11.10 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2017.5.0 (включая) до 2017.7.8 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2018.2.0 (включая) до 2018.3.5 (включая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2019.2.0 (включая) до 2019.2.5 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 2019.2.6 (включая) до 2019.2.8 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 3000 (включая) до 3000.6 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 3001 (включая) до 3001.4 (исключая)

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия от 3002 (включая) до 3002.5 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01734

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-77

Связанные уязвимости

CVE-2020-28243

CVSS3: 7.8

ubuntu

почти 5 лет назад

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

CVE-2020-28243

CVSS3: 7

redhat

почти 5 лет назад

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

CVE-2020-28243

CVSS3: 7.8

debian

почти 5 лет назад

An issue was discovered in SaltStack Salt before 3002.5. The minion's ...

GHSA-phhw-3wc9-8q75

CVSS3: 7.8

github

больше 3 лет назад

SaltStack Salt command injection via a crafted process name

BDU:2021-06341

CVSS3: 7.8

fstec

почти 5 лет назад

Уязвимость системы управления конфигурациями и удалённого выполнения операций SaltStack Salt, позволяющая нарушителю локально повысить привилегии.

EPSS

Процентиль: 82%

0.01734

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-77