Jasper Lievisse Adriaanse - Security Researcher - Exploit Intelligence Platform

CVE-2020-11651 NOMISEC CRITICAL WORKING POC

SaltStack Salt <2019.2.4,3000.2 - RCE

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

121 stars

CVSS 9.8

View Code

CVE-2020-11651 NOMISEC CRITICAL WORKING POC

SaltStack Salt <2019.2.4,3000.2 - RCE

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

5 stars

CVSS 9.8

View Code

CVE-2020-11651 NOMISEC CRITICAL WORKING POC

SaltStack Salt <2019.2.4,3000.2 - RCE

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

1 stars

CVSS 9.8

View Code

CVE-2020-11651 NOMISEC CRITICAL WORKING POC

SaltStack Salt <2019.2.4,3000.2 - RCE

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

CVSS 9.8

View Code

CVE-2020-11652 VULNCHECK_XDB MEDIUM WORKING POC

SaltStack Salt < 2019.2.4 - Authenticated Path Traversal via ClearFuncs Methods

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CVSS 6.5

View Code

CVE-2020-11652 VULNCHECK_XDB MEDIUM WORKING POC

SaltStack Salt < 2019.2.4 - Authenticated Path Traversal via ClearFuncs Methods

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CVSS 6.5

View Code

CVE-2020-11651 EXPLOITDB CRITICAL WORKING POC

SaltStack Salt <2019.2.4,3000.2 - RCE

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

CVSS 9.8

View Code

CVE-2020-11652 EXPLOITDB MEDIUM text WORKING POC

SaltStack Salt < 2019.2.4 - Authenticated Path Traversal via ClearFuncs Methods

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CVSS 6.5

View Code