CVE-2013-4435
Description
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.324
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.15.0 | Windows |
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.15.1 | Windows |
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.16.0 | Windows |
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.16.2 | Windows |
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.16.3 | Windows |
| Vulnerabilities CVE-2013-4435,CVE-2013-4438,CVE-2013-4439,CVE-2013-6617 are affected in VMware SALT 0.16.4 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 0.17.0 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 0.17.1 | Windows |
| Multiple vulnerabilities are fixed in Python-salt for linux 0.17.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234