CVE-2017-14695

high-risk
Published 2017-10-24

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.

Do I need to act?

-
0.33% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (15)

Affected Vendors

Saltstack

References (14)

Issue Tracking http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
Issue Tracking http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1500748
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
Issue Tracking https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6...
Issue Tracking http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
Issue Tracking http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1500748
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
Issue Tracking https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
Issue Tracking https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6...
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 1/34 · Minimal
Exposure 18/34 · Moderate