CVE-2019-17361

Source
Severity: Medium
Remote: Yes
Type: Arbitrary command execution
Description
With the Salt NetAPI enabled in addition to having an SSH roster defined, unauthenticated access is possible when specifying the client as SSH. Additionally, when the raw_shell option is specified, any arbitrary command may be run on the Salt master when specifying SSH options.
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1087 | salt | 2019.2.2-1 | 2019.2.3-1 | Medium | Fixed | |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 29 Jan 2020 | ASA-202001-7 | AVG-1087 | salt | Medium | arbitrary command execution |
References
https://github.com/saltstack/salt/commit/bca115f3f00fbde564dd2f12bf036b5d2fd08387
Notes
This is technically both an auth bypass and an RCE. I opted for RCE as this seems to be the more impactful one.