Vulnerabilities > Saltstack > Salt > 3004

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2023-20897 Improper Resource Shutdown or Release vulnerability in Saltstack Salt
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return.
network
low complexity
saltstack CWE-404
5.3
2023-09-05 CVE-2023-20898 Unspecified vulnerability in Saltstack Salt
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2.
local
high complexity
saltstack
7.8
2022-06-23 CVE-2022-22967 Incorrect Authorization vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2.
network
low complexity
saltstack CWE-863
8.8
2022-03-29 CVE-2022-22934 Unspecified vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1.
low complexity
saltstack
8.8
2022-03-29 CVE-2022-22935 Improper Authentication vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1.
network
high complexity
saltstack CWE-287
3.7
2022-03-29 CVE-2022-22936 Authentication Bypass by Capture-replay vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1.
low complexity
saltstack CWE-294
8.8
2022-03-29 CVE-2022-22941 Incorrect Permission Assignment for Critical Resource vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1.
network
low complexity
saltstack CWE-732
8.8