CVE-2021-3144
Description
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
Risk Information
Base Score
9.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
4.704
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.2 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.4 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2015.8.12 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.3 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.3.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2017.7.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2015.8.9 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2016.11.9 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2019.2.4 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2018.3.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 2019.2.7 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3000.5 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3001.3 | Windows |
| Multiple Vulnerabilities are affected in VMware SALT 3002.4 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2015.8.13 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2016.11.10 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2017.7.8 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2016.11.5 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 2019.2.8 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 3000.7 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 3001.5 | Windows |
| Multiple vulnerabilities are fixed in Python-salt 3002.3 | Windows |
| Multiple vulnerabilities are affected in Python-salt 2018.3.5 | Windows |
| Multiple vulnerabilities are fixed in Python-salt for linux 2015.8.13 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2016.11.10 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2017.7.8 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2016.11.5 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 2019.2.8 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 3000.7 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 3001.5 | Linux |
| Multiple vulnerabilities are fixed in Python-salt for linux 3002.3 | Linux |
| Multiple vulnerabilities are affected in Python-salt for linux 2018.3.5 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234