Home

CVE-2022-22967

Description

An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.536

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2022-22967 are affected in VMware SALT 3002.8Windows
Vulnerabilities CVE-2022-22967 are affected in VMware SALT 3003Windows
Vulnerabilities CVE-2022-22967 are affected in VMware SALT 3004Windows
Vulnerabilities CVE-2022-22967 are fixed in Python-salt 3002.9Windows
Vulnerabilities CVE-2022-22967 are fixed in Python-salt 3003.5Windows
Vulnerabilities CVE-2022-22967 are fixed in Python-salt 3004.2Windows
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) salt-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-api-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) salt-doc-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-ssh-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-cloud-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-proxy-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-master-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) salt-minion-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-syndic-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) python3-salt-3004-150300.53.24.1.x86_64.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) salt-zsh-completion-3004-150300.53.24.1.noarch.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) salt-bash-completion-3004-150300.53.24.1.noarch.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-fish-completion-3004-150300.53.24.1.noarch.rpmLinux
SUSE-SU-2022:2178-1(SUSE Linux Enterprise Module for Server Applications 15-SP3 ) salt-standalone-formulas-configuration-3004-150300.53.24.1.x86_64.rpmLinux
Vulnerabilities CVE-2022-22967 are fixed in Python-salt for linux 3002.9Linux
Vulnerabilities CVE-2022-22967 are fixed in Python-salt for linux 3003.5Linux
Vulnerabilities CVE-2022-22967 are fixed in Python-salt for linux 3004.2Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234