CVE-2020-11652

Related Files

Ubuntu Security Notice USN-4459-1

Posted Aug 14, 2020

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4459-1 - It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. It was discovered that Salt has a vulnerability that allows an user to bypass authentication. An attacker could use that to extract sensitive information, execute arbitrary code or crash the server. It was discovered that Salt is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. Various other issues were also addressed.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2018-15750, CVE-2018-15751, CVE-2019-17361, CVE-2020-11652

SHA-256 | 554a555f7c9f85d9a4dada2c6804fc228f4388887cd01c661baad5b75fd51e4d

Download | Favorite | View

Debian Security Advisory 4676-1

Posted May 28, 2020

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4676-1 - Several vulnerabilities were discovered in salt, a powerful remote execution manager, which could result in retrieve of user tokens from the salt master, execution of arbitrary commands on salt minions, arbitrary directory access to authenticated users or arbitrary code execution on salt-api hosts.

tags | advisory, remote, arbitrary, vulnerability, code execution

systems | linux, debian

advisories | CVE-2019-17361, CVE-2020-11651, CVE-2020-11652

SHA-256 | bc8f6fb80beef063b1481154a0f467f4fb6d9239d5d229f48d3dffa80f9fa57e

Download | Favorite | View

Debian Security Advisory 4676-2

Posted May 28, 2020

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4676-2 - The update for salt for the oldstable distribution (stretch) released as DSA 4676-1 contained an incomplete fix to address CVE-2020-11651 and CVE-2020-11652. Updated salt packages are now available to correct this issue. For reference, the original advisory text follows.

tags | advisory

systems | linux, debian

advisories | CVE-2020-11651, CVE-2020-11652

SHA-256 | 796842d23e3e132487d82a2497387a92aa2770d53d6f95db179b90ce2981e9ee

Download | Favorite | View

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution

Posted May 12, 2020

Authored by wvu, F-Secure | Site metasploit.com

This Metasploit module exploits unauthenticated access to the runner() and _send_pub() methods in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to execute code as root on either the master or on select minions. VMware vRealize Operations Manager versions 7.5.0 through 8.1.0 are known to be affected by the Salt vulnerabilities. Tested against SaltStack Salt 2019.2.3 and 3000.1 on Ubuntu 18.04, as well as Vulhub's Docker image.

tags | exploit, root, vulnerability

systems | linux, ubuntu

advisories | CVE-2020-11651, CVE-2020-11652

SHA-256 | 8a5e7d31040e1c21ab99f881d936f3d17aadab8f8786980255feab1b1b628534

Download | Favorite | View

Saltstack 3000.1 Remote Code Execution

Posted May 5, 2020

Authored by Jasper Lievisse Adriaanse

Saltstack version 3000.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2020-11651, CVE-2020-11652

SHA-256 | 30e13e1ef114715477d92359a46e21130fb5b89d01ac65ed3cd4a9c4dd5ac0d7

Download | Favorite | View