
CVE-2017-5192

Published: 26/09/2017 Updated: 06/10/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

When using the local_batch client from salt-api in SaltStack Salt prior to 2015.8.13, 2016.3.x prior to 2016.3.5, and 2016.11.x prior to 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
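The summary above gives the fix release for each Salt line but no first-affected release, so the practical check is "is this version below the fix for its branch". The following is an added example, not code from Vulmon or from the SaltStack project: it parses a version string as printed by `salt --version`, decides whether it falls inside the ranges the summary names, and folds in the vendor's caveat that the bypass only matters when salt-api runs as `root`. The `exposure` helper, its return strings and the sample inventory are all constructed for this illustration.

```python
# Added example for CVE-2017-5192 (not from the advisory or from SaltStack).
# Assumptions: versions are plain "YYYY.M.P" release strings, optionally
# prefixed with "salt " as in `salt --version` output; the affected ranges are
# taken verbatim from the vulnerability summary on this page.
from typing import Tuple

# Fix release for each branch named in the summary. Everything on that branch
# below the fix counts as affected, since no first-affected release is given.
FIXED = {
    (2015, 8): (2015, 8, 13),
    (2016, 3): (2016, 3, 5),
    (2016, 11): (2016, 11, 2),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2016.11.1' or 'salt 2016.11.1' into a comparable tuple (2016, 11, 1)."""
    token = text.strip().split()[-1]
    parts = token.split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised Salt version: {text!r}")
    return tuple(int(p) for p in parts[:3])


def is_affected(version: str) -> bool:
    """True if `version` lies inside the ranges the summary lists as vulnerable."""
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED:
        return v < FIXED[branch]
    # The summary says "prior to 2015.8.13", which also covers every older
    # release line (2015.5, 2014.7, ...). Anything newer than 2016.11 is not named.
    return branch < (2015, 8)


def exposure(version: str, api_user: str) -> str:
    """Combine the version check with the vendor note that exploitation needs
    salt-api running as root. Return values are constructed labels for this example."""
    if not is_affected(version):
        return "not affected"
    if api_user == "root":
        return "exploitable"
    return "affected, but salt-api not running as root"


if __name__ == "__main__":
    # Constructed sample inventory: (host, `salt --version` output, salt-api user).
    inventory = [
        ("master-a", "salt 2016.11.1", "root"),
        ("master-b", "salt 2016.11.2", "root"),
        ("master-c", "salt 2016.3.4", "salt"),
        ("master-d", "salt 2017.7.0", "root"),
    ]
    for host, ver, user in inventory:
        print(f"{host}: {ver} as {user} -> {exposure(ver, user)}")
```

Run it against real `salt --version` output collected from each master; a version that parses as affected while salt-api runs as `root` is the combination the vendor advisory describes, and the only reliable remediation is upgrading to the fix release for that branch.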

Vulnerable Products

saltstack salt (version unspecified)
saltstack salt 2016.3.0
saltstack salt 2016.3.1
saltstack salt 2016.3.2
saltstack salt 2016.3.3
saltstack salt 2016.3.4
saltstack salt 2016.11.0
saltstack salt 2016.11.1
saltstack salt 2016.11.2 (listed here, although the summary above names 2016.11.2 as the fixed release of the 2016.11 line; verify against the vendor advisory before treating it as affected)

Vendor Advisories

When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed ...
The `LocalClient.cmd_batch()` method does not accept `external_auth` credentials, so access to it from salt-api has been removed for now. This vulnerability allows code execution for already-authenticated users and is only in effect when running salt-api as the `root` user ...