CVE-2022-22935

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-22935
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-22935.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-22935
Aliases
Downstream
Related
Published
2022-03-29T17:15:15.220Z
Modified
2026-04-10T04:44:35.785535Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.

References

Affected packages

Git / github.com/saltstack/salt

Affected ranges

Type
GIT
Repo
https://github.com/saltstack/salt
Events
Introduced
998c382f5f2c3b4cbf7d96aa6913ada6993909b3
Fixed
836789a88156bb19fdac3fa00139cd278f92418c
Introduced
6fa95b058b9d999c23dff5eb2ba4127aa2dc8b71
Fixed
99d30f4022cff1582bba0c28fd606897aa8d248a
Introduced
fec6e71228f67d1d7bbf1abe32f98acb392d3697
Fixed
064729c1ed085466cf4863403100461fbe4abd81
Database specific 
{
    "versions": [
        {
            "introduced": "3002"
        },
        {
            "fixed": "3002.8"
        },
        {
            "introduced": "3003"
        },
        {
            "fixed": "3003.4"
        },
        {
            "introduced": "3004"
        },
        {
            "fixed": "3004.1"
        }
    ]
}

Affected versions

Other
v3002
v3003_docs
v3003rc1
v3004
v3004rc1
v3002.*
v3002.2
v3002.3
v3002.4
v3002.5
v3002.6
v3002.7
v3003.*
v3003.1
v3003.2
v3003.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-22935.json"