CVE-2021-22004 log

Source
Severity Medium
Remote No
Type Insufficient validation
Description
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
Group Package Affected Fixed Severity Status Ticket
AVG-2356 salt 3003.2-1 3003.3-1 Medium Not affected
References
https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/