Vulnerabilities > CVE-2013-2228 - Improper Restriction of Excessive Authentication Attempts vulnerability in Saltstack 0.14.0/0.14.1/0.15.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

NVD

Published: 2019-12-03

Updated: 2019-12-13

Summary

SaltStack RSA Key Generation allows remote users to decrypt communications

Vulnerable Configurations

Part	Description	Count
Application	Saltstack Saltstack Saltstack 0.14.0 Saltstack Saltstack 0.14.1 Saltstack Saltstack 0.15.0	3

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.