← back
CVE-2017-5200

CVE-2017-5200

EPSS 3.2%
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.htmlhttps://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.htmlhttps://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html