CyberSec.Space Logo
Back to CVE Browser

CVE-2013-4437

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile33.49th
PublishedNov 5, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."

Affected Platforms (CPE)

πŸ“¦
Saltstack

Salt

= 0.17.0

References & Advisories

πŸ”— http://docs.saltstack.com/topics/releases/0.17.1.html
πŸ”— http://www.openwall.com/lists/oss-security/2013/10/18/3
πŸ”— http://docs.saltstack.com/topics/releases/0.17.1.html
πŸ”— http://www.openwall.com/lists/oss-security/2013/10/18/3

Related Vulnerabilities

CVE-2011-326810.0

Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a l...

CVE-2013-661710.0

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for r...

CVE-2001-135610.0

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allow...

CVE-2020-116519.8

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does no...