A Incorrect Implementation of Authentication Algorithm vulnerability in of SUSE SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
{ "nvd_published_at": "2021-03-03T10:15:00Z", "cwe_ids": [ "CWE-287", "CWE-303" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-04-22T22:26:04Z" }