---

CVE-2021-22004 - log back

CVE-2021-22004 edited at 09 Sep 2021 12:11:16
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Insufficient validation
Description	+ An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
References	+ https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
Notes

CVE-2021-22004 created at 09 Sep 2021 12:10:18