CVE-2023-20897

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-20897
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20897.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-20897
Aliases
Downstream
Related
Published
2023-09-05T11:15:32.973Z
Modified
2026-02-05T08:45:45.945716Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.

References

Affected packages

Git / github.com/saltstack/salt

Affected ranges

Type
GIT
Repo
https://github.com/saltstack/salt
Events
Introduced
86bb64dde27281d545ef46e1a42471a90c494197
Fixed
8f750fa7ae115c48c16ca03ef3f16e4ba76f921c
Fixed
c71ff9204ab5ae90b21b68cf3447be472a8db8f2

Affected versions

v3006.*
v3006.0
v3006.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20897.json"