CVE-2024-38822

CVSS v2.0

3.3

Low

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Salt (affected versions not specified)

Description The issue allows a misbehaving minion to impersonate another minion due to the salt master skipping minion token validation in multiple methods.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

ALT-PU-2025-8072

ALT-PU-2025-8965

BDU:2025-10846

CVE-2024-38822

OPENSUSE-SU-2025:15295-1

SUSE-SU-2025:02476-1

SUSE-SU-2025:02491-1

SUSE-SU-2025:02492-1

SUSE-SU-2025:02499-1

SUSE-SU-2025:02500-1

SUSE-SU-2025:02501-1

SUSE-SU-2025:02502-1

SUSE-SU-2025:02534-1

SUSE-SU-2025:20487-1

SUSE-SU-2025:20504-1

SUSE-SU-2025_02500-1

SUSE-SU-2025_02501-1

SUSE-SU-2025_02534-1

Affected Products

Alt Linux

Red Os

Salt

Suse

CVE-2024-38822

Weakness Enumeration

Related Identifiers

Affected Products

References · 142