Security Advisory
CVE-2020-25592
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.