vulnerability
SUSE: CVE-2020-16846: SUSE Linux Security Advisory
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Nov 4, 2020 | Nov 6, 2020 | May 3, 2022 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Nov 4, 2020
Added
Nov 6, 2020
Modified
May 3, 2022
Description
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Solution(s)
suse-upgrade-koansuse-upgrade-mgr-daemonsuse-upgrade-python2-saltsuse-upgrade-python2-spacewalk-checksuse-upgrade-python2-spacewalk-client-setupsuse-upgrade-python2-spacewalk-client-toolssuse-upgrade-python3-saltsuse-upgrade-saltsuse-upgrade-salt-apisuse-upgrade-salt-bash-completionsuse-upgrade-salt-cloudsuse-upgrade-salt-docsuse-upgrade-salt-fish-completionsuse-upgrade-salt-mastersuse-upgrade-salt-minionsuse-upgrade-salt-proxysuse-upgrade-salt-sshsuse-upgrade-salt-standalone-formulas-configurationsuse-upgrade-salt-syndicsuse-upgrade-salt-zsh-completionsuse-upgrade-spacecmdsuse-upgrade-spacewalk-checksuse-upgrade-spacewalk-client-setupsuse-upgrade-spacewalk-client-tools
References
- SUSE-SUSE-SU-2020:14535-1
- SUSE-SUSE-SU-2020:14537-1
- SUSE-SUSE-SU-2020:14538-1
- SUSE-SUSE-SU-2020:14570-1
- SUSE-SUSE-SU-2020:3155-1
- SUSE-SUSE-SU-2020:3171-1
- SUSE-SUSE-SU-2020:3235-1
- SUSE-SUSE-SU-2020:3243-1
- SUSE-SUSE-SU-2020:3244-1
- SUSE-SUSE-SU-2020:3245-1
- SUSE-SUSE-SU-2020:3250-1
- SUSE-SUSE-SU-2020:3251-1
- SUSE-SUSE-SU-2021:0315-1
- SUSE-SUSE-SU-2021:0316-1
- SUSE-SUSE-SU-2021:0480-1
- SUSE-SUSE-SU-2021:14623-1
- SUSE-SUSE-SU-2021:14624-1
- NVD-CVE-2020-16846

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.