CVE-2020-25592

Name
CVE-2020-25592
Description
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
NVD Severity
high

References

Type URI
Release Notes https://docs.saltstack.com/en/latest/topics/releases/index.html
Vendor Advisory https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
Third Party Advisory https://security.gentoo.org/glsa/202011-13
Third Party Advisory http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
Mailing List https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
Third Party Advisory https://www.debian.org/security/2021/dsa-4837

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= None < 2015.8.10
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2015.8.11 < 2015.8.13
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.3.0 < 2016.3.4
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.3.5 < 2016.3.6
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.3.7 < 2016.3.8
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.11.0 < 2016.11.3
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.11.4 < 2016.11.6
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2016.11.7 < 2016.11.10
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2017.5.0 < 2017.7.4
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2017.7.5 < 2017.7.8
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2018.2.0 < 2018.3.5
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 2019.2.0 < 2019.2.5
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* salt >= 3000.0 < 3000.3
cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:* salt == None == 3001

Vulnerable and fixed packages

Source package Branch Version Maintainer Status