2020-11-06 07:31:53
mitre
PUBLISHED
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.