Command Injection Affecting salt package, versions [2016.11.0rc1,3003rc1)


0.0
high

Snyk CVSS

    Attack Complexity High
    Confidentiality High
    Integrity High
    Availability High

    Threat Intelligence

    Exploit Maturity Proof of concept
    EPSS 0.05% (17th percentile)
Expand this section
NVD
7.8 high
Expand this section
SUSE
7 high
Expand this section
Red Hat
7.8 high

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-PYTHON-SALT-1255524
  • published 24 Apr 2021
  • disclosed 24 Apr 2021
  • credit Unknown

How to fix?

Upgrade salt to version 3003rc1 or higher.

Overview

salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.

Affected versions of this package are vulnerable to Command Injection via the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).