[ SB 21.06 ] SaltStack RCE and multiple Vulns (CVE-2021-25282, CVE-2021-25281, CVE-2021-3197)

SaltStack released an Advisory with multiple critical vulns announced:

CVE-2021-3197

Impact: The Salt-API’s SSH client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

CVE-2021-25281

Impact: The SaltAPI does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.

CVE-2021-25282

Impact: Unauthorized access wheel_async through salt-api can execute arbitrarily code/command.

CVE-2021-25283

Impact: Via the SaltAPI fix directory traversal in wheel.pillar_roots.write

Updates and Pacthes are available:

  • 3002.5
  • 3001.6
  • 3000.8




Fragen? Kontakt: info@zero.bs

taggy