CVE-2020-28972 log

Severity High
Remote Yes
Type Certificate verification bypass
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the files) does not always validate the SSL/TLS certificate.
Group Package Affected Fixed Severity Status Ticket
AVG-1624 salt 2019.2.7-1 3002.5-3 High Fixed
Date Advisory Group Package Severity Type
27 Feb 2021 ASA-202102-33 AVG-1624 salt High multiple issues