vulnerability

Alpine Linux: CVE-2017-12791: salt Directory traversal vulnerability on salt-master via crafted minion IDs

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 23, 2017
Added
Sep 20, 2017
Modified
Dec 4, 2019

Description

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.

Solution

alpine-linux-upgrade-salt
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.