Описание
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | DNE | |
| disco | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/jammy | not-affected | |
| esm-apps/xenial | not-affected | 2015.8.8+ds-1 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/focal | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
5.6 Medium
CVSS3
Связанные уязвимости
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external ...
Salt Insecure configuration of PAM external authentication service
EPSS
4.3 Medium
CVSS2
5.6 Medium
CVSS3