CVE-2017-5200 log

Severity High
Remote Yes
Type Arbitrary command execution
Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client. Users of Salt-API and salt-ssh could execute a command on the salt master via a hole when both systems were enabled.
Group Package Affected Fixed Severity Status Ticket
AVG-159 salt 2016.11.1-1 2016.11.2-1 High Fixed
Date Advisory Group Package Severity Type
31 Jan 2017 ASA-201701-41 AVG-159 salt High multiple issues