CVE-2024-22231

CVSS v3.1

5.0

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Salt (affected versions not specified)

Description The issue is related to a directory traversal attack in the Salt project, specifically in the Syndic cache directory creation. This could allow a malicious attacker to create an arbitrary directory on a Salt master. The vulnerability may also be exploited to execute arbitrary code remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

ALT-PU-2024-2460

ALT-PU-2024-4288

ALT-PU-2024-7869

ALT-PU-2024-8995

ALT-PU-2025-1673

BDU:2024-04876

CVE-2024-22231

GHSA-Q27C-J6J9-53W3

OPENSUSE-SU-2024_0509-1

OPENSUSE-SU-2024_0510-1

OPENSUSE-SU-2024_0513-1

SUSE-SU-2024:0506-1

SUSE-SU-2024:0507-1

SUSE-SU-2024:0508-1

SUSE-SU-2024:0509-1

SUSE-SU-2024:0510-1

SUSE-SU-2024:0513-1

SUSE-SU-2024:1517-1

SUSE-SU-2024:1518-1

SUSE-SU-2024:1525-1

SUSE-SU-2024_0506-1

SUSE-SU-2024_0507-1

SUSE-SU-2024_0508-1

SUSE-SU-2024_0509-1

SUSE-SU-2024_0510-1

Affected Products

Alt Linux

Red Os

Salt

Suse

CVE-2024-22231

Weakness Enumeration

Related Identifiers

Affected Products

References · 86