⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..
CVE-2020-11652 — Path Traversal in Salt
Severity
6.5MEDIUMNVD
OSV9.8
EPSS
94.3%
top 0.06%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedApr 30
KEV addedNov 3
KEV dueMay 3
Latest updateJun 25
CISA Required Action: Apply updates per vendor instructions.
Description
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages6 packages
Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 16.04, 18.04
🔴Vulnerability Details
6💥Exploits & PoCs
1📋Vendor Advisories
6VMware▶
vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)↗2020-05-08
💬Community
3Bugzilla▶
CVE-2020-11652 salt: salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths [epel-all]↗2020-05-06
Bugzilla▶
CVE-2020-11652 salt: salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths↗2020-05-06
Bugzilla▶
CVE-2020-11652 salt: salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths [fedora-all]↗2020-05-06