Description
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed. The LocalClient.cmd_batch() method client does not accept external_auth credentials and so access to it from salt-api has been removed for now. This vulnerability allows code execution for already-authenticated users and is only in effect when running salt-api as the root user.
| Release | Status | Note |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2017.7.4+dfsg1-1 |
| cosmic | not-affected | 2017.7.4+dfsg1-1 |
| devel | DNE | |
| disco | not-affected | 2017.7.4+dfsg1-1 |
| eoan | not-affected | 2017.7.4+dfsg1-1 |
| esm-apps/bionic | not-affected | 2017.7.4+dfsg1-1 |
| esm-apps/jammy | not-affected | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | needed | |
EPSS
CVSS2: 6.5 Medium
CVSS3: 8.8 High
Related vulnerabilities
When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
When using the local_batch client from salt-api in SaltStack Salt befo ...
SaltStack Salt Authentication Bypass when using the local_batch client from salt-api