vulnerability
Ubuntu: USN-4769-1 (CVE-2017-12791): Salt vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Aug 23, 2017 | Mar 22, 2023 | Mar 27, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 23, 2017
Added
Mar 22, 2023
Modified
Mar 27, 2026
Description
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.
Solutions
ubuntu-pro-upgrade-salt-apiubuntu-pro-upgrade-salt-cloudubuntu-pro-upgrade-salt-commonubuntu-pro-upgrade-salt-masterubuntu-pro-upgrade-salt-minionubuntu-pro-upgrade-salt-proxyubuntu-pro-upgrade-salt-sshubuntu-pro-upgrade-salt-syndic
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.