Vulnerabilities > CVE-2013-2228 - Improper Restriction of Excessive Authentication Attempts vulnerability in Saltstack 0.14.0/0.14.1/0.15.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
SaltStack RSA Key Generation allows remote users to decrypt communications
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2013/07/01/1
- http://www.securityfocus.com/bid/60868
- http://www.securitytracker.com/id/1028717
- https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-2228
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2228
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85372
- https://security-tracker.debian.org/tracker/CVE-2013-2228