CVE-2020-11652

Known Exploited (CISA KEV)MEDIUM

6.5

CVSS Severity Score

EPSS Score59.6630%

EPSS Percentile86.15th

PublishedApr 30, 2020

Last ModifiedNov 7, 2025

Vulnerability Description

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

Affected Platforms (CPE)

📦

Saltstack

Salt

< 2019.2.4

📦

Saltstack

Salt

>= 3000 and < 3000.2

💻

Opensuse

Leap

= 15.1

💻

Debian

Debian Linux

= 8.0

💻

Debian

Debian Linux

= 9.0

💻

Debian

Debian Linux

= 10.0

💻

Canonical

Ubuntu Linux

= 16.04

💻

Canonical

Ubuntu Linux

= 18.04

📦

Blackberry

Workspaces Server

<= 7.1.3

📦

Blackberry

Workspaces Server

>= 8.0.0 and <= 8.2.6

📦

Blackberry

Workspaces Server

= 9.1.0

📦

Vmware

Application Remote Collector

= 7.5.0

📦

Vmware

Application Remote Collector

= 8.0.0

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html

🔗 http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html

🔗 http://support.blackberry.com/kb/articleDetail?articleNumber=000063758

🔗 http://www.vmware.com/security/advisories/VMSA-2020-0009.html

🔗 https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html

🔗 https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst

Vulnerability Description

Affected Platforms (CPE)

Salt

Salt

Leap

Debian Linux

Debian Linux

Debian Linux

Ubuntu Linux

Ubuntu Linux

Workspaces Server

Workspaces Server

Workspaces Server

Application Remote Collector

Application Remote Collector

References & Advisories

Related Vulnerabilities