AVG-1087 log

Package salt
Status Fixed
Severity Medium
Type arbitrary command execution
Affected 2019.2.2-1
Fixed 2019.2.3-1
Current 3007.1-1 [extra]
Ticket None
Created Thu Jan 16 20:41:53 2020
Issue Severity Remote Type Description
CVE-2019-17361 Medium Yes Arbitrary command execution
With the Salt NetAPI enabled in addition to having a SSH roster defined, unauthenticated access is possible when specifying the client as SSH. Additionally,...
Date Advisory Package Type
29 Jan 2020 ASA-202001-7 salt arbitrary command execution
References
https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html