CVE-2020-17490 log

Severity Low
Remote Yes
Type Access restriction bypass
An issue has been found in Salt before 3001.3, 3000.5, 2019.2.7 where, when using the functions create_ca, create_csr, and create_self_signed_cert in the tls execution module, it will not ensure the key was created with the correct permissions.
Group Package Affected Fixed Severity Status Ticket
AVG-1262 salt 2019.2.4-1 2019.2.7-1 Critical Fixed
Date Advisory Group Package Severity Type
10 Nov 2020 ASA-202011-7 AVG-1262 salt Critical multiple issues