Improper access control in Salt

#VU12733 Improper access control in Salt

Published: 2018-05-15

Vulnerability identifier: #VU12733

Vulnerability risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9639

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Salt
Web applications / Remote management & hosting panels

Vendor: SaltStack

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists due to improper access control. A remote attacker can read or write to minions with the same id, related to caching.

Mitigation
Update to version 2015.8.11.

Vulnerable software versions

Salt: 2015.8.0 - 2015.8.10

External links
http://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in SaltStack