cbcvebase.
CVE-2013-4439
published 2013-11-05

CVE-2013-4439: Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.

PriorityP427medium4.9CVSS 2.0
AVNACMAuSCPIPAN
EPSS
1.47%
70.6th percentile
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.

Affected

9 ranges
VendorProductVersion rangeFixed in
saltstacksalt
saltstacksalt
saltstacksalt
saltstacksalt
saltstacksalt
saltstacksalt
saltstacksalt
saltstacksalt>= 0 < 0.17.10.17.1
saltstacksalt>= 0.15.0 < 0.17.10.17.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.