Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-26T14:00:00
Updated: 2024-08-05T14:55:35.542Z
Reserved: 2017-01-06T00:00:00
Link: CVE-2017-5200
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-09-26T14:29:00.597
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-5200
Redhat