CVE-2019-17361
| Severity | Medium |
| Remote | Yes |
| Type | Arbitrary command execution |
| Description | With the Salt NetAPI enabled and an SSH roster defined, unauthenticated access is possible when specifying the client as SSH. Additionally, when the raw_shell option is specified, any arbitrary command may be run on the Salt master when specifying SSH options. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1087 | salt | 2019.2.2-1 | 2019.2.3-1 | Medium | Fixed | |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 29 Jan 2020 | ASA-202001-7 | AVG-1087 | salt | Medium | arbitrary command execution |
| References |
|---|
| https://github.com/saltstack/salt/commit/bca115f3f00fbde564dd2f12bf036b5d2fd08387 |
| Notes |
|---|
| This is technically both an auth bypass and an RCE. I opted for RCE as this seems to be the more impactful one. |