Vulnerability identifier: #VU38423
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-295
Exploitation vector: Network
Exploit availability: No
Vulnerable software: Salt (Web applications / Remote management & hosting panels)
Vendor: SaltStack
Description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
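Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules, so those modules cannot confirm the identity of the remote service and data exchanged over these connections can be altered in transit.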
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Salt: 2014.7.5
External links
http://www.openwall.com/lists/oss-security/2015/05/19/2
http://bugzilla.redhat.com/show_bug.cgi?id=1222960
http://docs.saltstack.com/en/latest/topics/releases/2014.7.6.html
http://groups.google.com/forum/#!topic/salt-users/8Kv1bytGD6c
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.