Vulnerability identifier: #VU39762
Vulnerability risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-287
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Salt
Web applications /
Remote management & hosting panels
Vendor: SaltStack
Description
The vulnerability allows a remote non-authenticated attacker to bypass authentication and read and manipulate data.
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient. The master honours the PAM service name supplied in the client's request rather than the one configured by the administrator, so a client can direct the login at a different, more permissive PAM service and pass authentication without valid credentials for the intended one.
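The following is an added illustrative model of the flaw and its fix; it is not Salt's own code. PAM is replaced by a constructed table of services (`login` with one known account, `permissive` standing in for a lax /etc/pam.d policy), the master option name `auth.pam.service` and the request layout are assumptions for the example, and the only point demonstrated is that the PAM service must come from master configuration, never from the client's load:

```python
"""Model of a PAM eauth handler that trusts a client-chosen service versus one
that does not. Added example; not Salt's implementation."""

# Constructed stand-in for the accounts the intended PAM service would accept.
CONSTRUCTED_ACCOUNTS = {"alice": "correct-horse"}

# Constructed stand-in for /etc/pam.d: service name -> authentication policy.
# A real PAM stack evaluates whichever policy file the caller names.
FAKE_PAM_SERVICES = {
    "login": lambda user, pw: CONSTRUCTED_ACCOUNTS.get(user) == pw,
    "permissive": lambda user, pw: True,  # lax policy: accepts any credentials
}


def fake_pam_authenticate(service, username, password):
    """Evaluate the named PAM service; unknown services fail closed."""
    policy = FAKE_PAM_SERVICES.get(service)
    return bool(policy) and policy(username, password)


# Assumed master configuration: PAM eauth enabled for alice, service "login".
MASTER_OPTS = {
    "external_auth": {"pam": {"alice": [".*"]}},
    "auth.pam.service": "login",  # hypothetical option name for this example
}


def _user_allowed(opts, username):
    """The user must be listed under external_auth for the pam backend."""
    return username in opts["external_auth"].get("pam", {})


def vulnerable_eauth(opts, load):
    """Flawed: lets the request choose which PAM service is evaluated."""
    if not _user_allowed(opts, load["username"]):
        return False
    service = load.get("service", "login")  # attacker-controlled
    return fake_pam_authenticate(service, load["username"], load["password"])


def hardened_eauth(opts, load):
    """Fixed: the PAM service is taken from master config only."""
    if not _user_allowed(opts, load["username"]):
        return False
    service = opts.get("auth.pam.service", "login")  # ignores load["service"]
    return fake_pam_authenticate(service, load["username"], load["password"])


# Constructed LocalClient-style loads (field names assumed for the example).
LEGIT_LOAD = {"eauth": "pam", "username": "alice", "password": "correct-horse",
              "fun": "test.ping", "tgt": "*"}
ATTACK_LOAD = {"eauth": "pam", "username": "alice", "password": "wrong",
               "service": "permissive",  # names a policy that accepts anything
               "fun": "cmd.run", "tgt": "*"}


def demo():
    """Return (vulnerable accepts attack, hardened accepts attack)."""
    return (vulnerable_eauth(MASTER_OPTS, ATTACK_LOAD),
            hardened_eauth(MASTER_OPTS, ATTACK_LOAD))


if __name__ == "__main__":
    print("vulnerable accepts forged service:", demo()[0])
    print("hardened accepts forged service:  ", demo()[1])
```

The hardened handler still passes the legitimate request, so the fix costs nothing functionally; the check a practitioner wants on a real master is that no field of the client-supplied load can select the PAM policy, and that the configured service's /etc/pam.d file is itself not permissive.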
Mitigation
Update to Salt 2015.5.10 or 2015.8.8 (or later) from the vendor's website; see the release notes linked below.
Vulnerable software versions
Salt: 2015.5.x before 2015.5.10; 2015.8.0 - 2015.8.7
External links
http://docs.saltstack.com/en/latest/topics/releases/2015.5.10.html
http://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.