← Back

CVE-2020-28243

nvd nist
Published: Feb 27, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

Affected (21)

Saltstack
1 product
Salt
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Saltstack
Salt
Before 2015.8.10
Salt
From 2015.8.11 to 2015.8.13
Salt
From 2016.11.4 to 2016.11.5
Salt
From 2016.11.7 to 2016.11.10
Salt
From 2016.3.0 to 2016.3.4
Salt
From 2016.3.5 to 2016.3.6
Salt
From 2016.3.7 to 2016.3.8
Salt
From 2016.3.9 to 2016.11.3
Salt
From 2017.5.0 to 2017.7.8
Salt
From 2018.2.0 to 2018.3.5
Salt
From 2019.2.0 to 2019.2.5
Salt
From 2019.2.6 to 2019.2.8
Salt
From 3000 to 3000.6
Salt
From 3001 to 3001.4
Salt
From 3002 to 3002.5
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 32
Fedora
Version 33
Fedora
Version 34
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 11.0
Debian Linux
Version 9.0

Related CWEs

CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

References (22)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.