The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T16:27:22.195Z
Reserved: 2017-04-25T00:00:00
Link: CVE-2017-8109

No data.

Status : Deferred
Published: 2017-04-25T17:59:00.180
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-8109


No data.