Description
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.
References (3)
Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534
Patch, Third Party Advisory x_refsource_misc
https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/saltstack/salt/pull/51462
Scores
CVSS v3
9.8
EPSS
0.0188
EPSS Percentile
77.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (3)
pypi/salt
2018.3.0 - 2018.3.4PyPI
saltstack/salt_2018
3.0
saltstack/salt_2019
2.0
Published
Jul 18, 2019
Tracked Since
Feb 18, 2026