CVE-2020-16846 log

Severity High
Remote Yes
Type Arbitrary command execution
An issue has been found in Salt before 3001.3, 3000.5, 2019.2.7 where an unauthenticated user with network access to the Salt API can use shell injections to run code on the Salt API using the SSH client.
Group Package Affected Fixed Severity Status Ticket
AVG-1262 salt 2019.2.4-1 2019.2.7-1 Critical Fixed
Date Advisory Group Package Severity Type
10 Nov 2020 ASA-202011-7 AVG-1262 salt Critical multiple issues