← Back

CVE-2017-5200

nvd nist
Published: Sep 26, 2017Modified: May 13, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.

Affected (9)

Products: Saltstack: Salt
Saltstack
1 product
Salt
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Saltstack
Salt
Up to 2015.8.12
Salt
Version 2016.11.0
Salt
Version 2016.11.1
Salt
Version 2016.11.2
Salt
Version 2016.3.0
Salt
Version 2016.3.1
Salt
Version 2016.3.2
Salt
Version 2016.3.3
Salt
Version 2016.3.4

References (6)

Source: cve@mitre.org
Release NotesVendor Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory

Timeline

No history available yet.