Tuesday, March 2, 2021

SUSE: CVE-2021-3144: SUSE Linux Security Advisory

Description
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
Solution(s)
  • suse-upgrade-python2-salt
  • suse-upgrade-python3-salt
  • suse-upgrade-salt
  • suse-upgrade-salt-api
  • suse-upgrade-salt-bash-completion
  • suse-upgrade-salt-cloud
  • suse-upgrade-salt-doc
  • suse-upgrade-salt-fish-completion
  • suse-upgrade-salt-master
  • suse-upgrade-salt-minion
  • suse-upgrade-salt-proxy
  • suse-upgrade-salt-ssh
  • suse-upgrade-salt-standalone-formulas-configuration
  • suse-upgrade-salt-syndic
  • suse-upgrade-salt-zsh-completion


  • References
     

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated