CVE-2021-3144

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-3144
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3144.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3144
Aliases
Related
Published
2021-02-27T05:15:14Z
Modified
2024-08-01T07:44:37.947579Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

References

Affected packages

Git / github.com/saltstack/salt

Affected ranges

Type
GIT
Repo
https://github.com/saltstack/salt
Events

Affected versions

old-branch-2014.*

old-branch-2014.7

old-branch-2015.*

old-branch-2015.5

v2015.*

v2015.8.11
v2015.8.12

v2016.*

v2016.3.0
v2016.3.1
v2016.3.2
v2016.3.3