CVE-2021-3144

Published: Feb 27, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/saltstack/salt/releases

https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/

FEDORA-2021-904a2dbc0c

vendor-advisory

FEDORA-2021-5756fbf8a6

vendor-advisory

FEDORA-2021-43eb5584ad

vendor-advisory

GLSA-202103-01

vendor-advisory

[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update

mailing-list

DSA-5011

vendor-advisory

GLSA-202310-22

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-3144

Description

Affected Products

References