PT-2017-10230 · Saltstack+1 · Salt+1

Dario Leidi

Publicado

2016-09-07

Atualizado

2022-05-17

CVE-2016-9639

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Salt versions prior to 2015.8.11 Salt (affected versions not specified)

Description The issue allows deleted minions to read or write to minions with the same id due to caching.

Recommendations For versions prior to 2015.8.11, update to version 2015.8.11 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for other affected versions.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

ALT-PU-2016-1939

CVE-2016-9639

GHSA-HVMJ-356C-GPF4

OPENSUSE-SU-2024:11364-1

PYSEC-2017-34

SUSE-RU-2017:0169-1

SUSE-RU-2017:0171-1

SUSE-RU-2017:0174-1

Produtos afetados

Alt Linux

Salt

PT-2017-10230 · Saltstack+1 · Salt+1

CVE-2016-9639

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 38