CVE-2013-4437

6 documents5 sources
Severity
10.0CRITICAL
EPSS
0.7%
top 28.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Saltstack Salt
Timeline
PublishedNov 5
Latest updateMay 17

Description

Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDsaltstack/salt0.17.0
PyPIsalt0.17.00.17.1

Patches

Patch: docs.saltstack.comPatch: docs.saltstack.com

🔴Vulnerability Details

4
OSV
SaltStack insecurely uses /tmp2022-05-17
GHSA
SaltStack insecurely uses /tmp2022-05-17
CVEList
CVE-2013-4437: Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 02013-11-05
OSV
CVE-2013-4437: Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 02013-11-05

💬Community

1
Bugzilla
CVE-2013-4435 CVE-2013-4436 CVE-2013-4437 CVE-2013-4438 CVE-2013-4439 CVE-2013-6617 salt: saltstack multiple flaws2013-10-17
CVE-2013-4437 (CRITICAL CVSS 10) | Unspecified vulnerability in salt-s | cvebase.io