---

CVE-2017-5200 - log back

CVE-2017-5200 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary command execution
Description	+ Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client. Users of Salt-API and salt-ssh could execute a command on the salt master via a hole when both systems were enabled.
References	+ https://groups.google.com/forum/#!msg/salt-announce/eP_kQiQdnvo/6cvBrwsqCAAJ
Notes