Vulnerabilities > Saltstack > Salt > Low

DATE CVE VULNERABILITY TITLE RISK
2022-03-29 CVE-2022-22935 Improper Authentication vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1.
network
high complexity
saltstack CWE-287
3.7
2017-01-30 CVE-2015-8034 Information Exposure vulnerability in Saltstack Salt
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.
local
low complexity
saltstack CWE-200
3.3