Security Advisory

CVE-2017-14695

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-10-24 17:00:00

Last updated 2024-08-05 19:34:39

Assigner mitre

State PUBLISHED

Description

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.

← Browse all CVEs View on cve.org ↗