CVE-2021-25283
Description
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
6.824
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.2 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.4 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2015.8.12 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.3 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2017.7.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2015.8.9 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.9 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2019.2.4 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2018.3.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2019.2.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3000.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3001.3 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3002.4 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2015.8.13 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2016.11.10 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2017.7.8 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2016.11.5 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2019.2.8 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 3000.7 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 3001.5 | Windows |
| Vulnerabilities CVE-2021-25283 are fixed in Python-salt 3002.5 | Windows |
| Multiple vulnerabilities are affected in Python-salt 2018.3.5 | Windows |
| Multiple vulnerabilities are fixed in Python-salt for linux 2015.8.13 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2016.11.10 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2017.7.8 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2016.11.5 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2019.2.8 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 3000.7 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 3001.5 | Linux |
| Vulnerabilities CVE-2021-25283 are fixed in Python-salt for linux 3002.5 | Linux |
| Multiple vulnerabilities are affected in Python-salt for linux 2018.3.5 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234