Salt 2015.8.x prior to 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle malicious users to execute arbitrary code by inserting packets into the minion-master data stream.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
saltstack salt 2015.8.3 |
||
saltstack salt 2015.8.1 |
||
saltstack salt 2015.8.2 |
||
saltstack salt 2015.8.0 |
||
opensuse leap 42.1 |