Security Advisory

CVE-2024-38825

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-13 06:46:12

Last updated 2025-06-13 14:01:02

Assigner vmware

State PUBLISHED

Description

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.

← Browse all CVEs View on cve.org ↗