CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-11651

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score55.5730%
EPSS Percentile91.81th
Published2020年4月30日
Last Modified2025年11月7日

Vulnerability Description

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

Affected Platforms (CPE)

📦
Saltstack

Salt

< 2019.2.4
📦
Saltstack

Salt

>= 3000 and < 3000.2
💻
Opensuse

Leap

= 15.1
💻
Debian

Debian Linux

= 8.0
💻
Debian

Debian Linux

= 9.0
💻
Debian

Debian Linux

= 10.0
💻
Canonical

Ubuntu Linux

= 16.04
💻
Canonical

Ubuntu Linux

= 18.04
📦
Vmware

Application Remote Collector

= 7.5.0
📦
Vmware

Application Remote Collector

= 8.0.0

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
🔗 http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
🔗 http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
🔗 http://www.vmware.com/security/advisories/VMSA-2020-0009.html
🔗 https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
🔗 https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
🔗 https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html

相關漏洞威脅

CVE-2011-326810.0

Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a l...

CVE-2013-443710.0

Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage...

CVE-2001-135610.0

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allow...

CVE-2013-661710.0

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for r...