CVE-2021-3144

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3144

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3144.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3144

Aliases

Downstream

DLA-2815-1

SUSE-RU-2021:0632-1

SUSE-RU-2021:0633-1

SUSE-SU-2021:0624-1

SUSE-SU-2021:0626-1

SUSE-SU-2021:0627-1

SUSE-SU-2021:0628-1

SUSE-SU-2021:0630-1

SUSE-SU-2021:0631-1

SUSE-SU-2021:0914-1

SUSE-SU-2021:0915-1

SUSE-SU-2021:14650-1

SUSE-SU-2021:1690-1

UBUNTU-CVE-2021-3144

openSUSE-SU-2021:0347-1

Related

Published

2021-02-27T05:15:14.113Z

Modified

2025-11-19T17:33:39.764564Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

References

Affected packages

Git / github.com/saltstack/salt

Affected ranges

Type: GIT
Repo: https://github.com/saltstack/salt
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c3d2c4eaaef3f26e58d2f676c7456987af866155

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3144.json"