CVE-2021-25315

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-25315
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25315.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-25315
Aliases
Related
Published
2021-03-03T10:15:13Z
Modified
2024-10-12T07:06:14.372690Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.

References

Affected packages

Git / github.com/saltstack/salt

Affected ranges

Type
GIT
Repo
https://github.com/saltstack/salt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

old-branch-2014.*

old-branch-2014.7

old-branch-2015.*

old-branch-2015.5
old-branch-2015.8

old-branch-2016.*

old-branch-2016.3

v0.*

v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.12.0
v0.13.0
v0.14.0
v0.15.0
v0.16
v0.17
v0.6.0
v0.7.0
v0.8.0
v0.8.7
v0.8.8
v0.8.9
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9

v2014.*

v2014.1
v2014.7
v2014.7.0
v2014.7.0rc1
v2014.7.0rc2
v2014.7.0rc3
v2014.7.0rc4
v2014.7.0rc5
v2014.7.0rc6
v2014.7.0rc7
v2014.7.1
v2014.7.2
v2014.7.3
v2014.7.4
v2014.7.5
v2014.7.6
v2014.7.7
v2014.7.8
v2014.7.9

v2015.*

v2015.2
v2015.2.0rc1
v2015.2.0rc2
v2015.5
v2015.5.0
v2015.5.1
v2015.5.11
v2015.5.2
v2015.5.3
v2015.5.4
v2015.5.5
v2015.5.6
v2015.5.7
v2015.5.8
v2015.5.9
v2015.8
v2015.8.0
v2015.8.0rc1
v2015.8.0rc2
v2015.8.0rc3
v2015.8.0rc4
v2015.8.0rc5
v2015.8.1
v2015.8.11
v2015.8.12
v2015.8.13
v2015.8.2
v2015.8.3
v2015.8.4
v2015.8.8
v2015.8.9

v2016.*

v2016.11
v2016.11.0
v2016.11.0rc1
v2016.11.0rc2
v2016.11.1
v2016.11.2
v2016.11.3
v2016.11.4
v2016.11.5
v2016.11.6
v2016.11.9
v2016.3
v2016.3.0
v2016.3.0rc0
v2016.3.0rc1
v2016.3.0rc2
v2016.3.0rc3
v2016.3.1
v2016.3.2
v2016.3.3
v2016.3.4
v2016.3.5
v2016.3.6
v2016.9

v2017.*

v2017.5
v2017.7
v2017.7.0
v2017.7.0rc1
v2017.7.1
v2017.7.2
v2017.7.3
v2017.7.4
v2017.7.5
v2017.7.6
v2017.7.7
v2017.7.8

v2018.*

v2018.11
v2018.2
v2018.3
v2018.3.0
v2018.3.0rc1
v2018.3.1
v2018.3.2
v2018.3.3
v2018.3.4

v2019.*

v2019.2
v2019.2.0
v2019.2.0rc1
v2019.2.0rc2
v2019.2.1
v2019.2.1rc1

Other

v3000
v3000_docs
v3001
v3001rc1
v3002
v3002rc1

v3000.*

v3000.0rc1
v3000.0rc2
v3000.1

v3001.*

v3001.1