Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-21996 - log back

CVE-2021-21996 edited at 09 Sep 2021 12:08:18

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Arbitrary filesystem access

Description

+	An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.

References

+	https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/

Notes

CVE-2021-21996 created at 09 Sep 2021 12:07:31