CVE-2021-21996

CWE-668 — Exposure to Wrong Sphere6 documents5 sources

Severity

7.5HIGH

EPSS

2.7%

top 14.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Saltstack Salt Debian Debian Linux Fedoraproject Fedora

Timeline

PublishedSep 8

Latest updateNov 21

Description

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages3 packages

▶NVDsaltstack/salt< 3000.3

▶CVEListV5saltstack_saltSaltstack Salt (before 3003.3)

▶PyPIsalt< 3003.3

Also affects: Debian Linux 10.0, 11.0, 9.0, Fedora 33, 34, 35

Patches

Patch: saltproject.io ↗Patch: saltproject.io ↗

🔴Vulnerability Details

OSV

Exposure of Resource to Wrong Sphere in salt↗2021-11-21

▶

GHSA

Exposure of Resource to Wrong Sphere in salt↗2021-11-21

▶

OSV

CVE-2021-21996: An issue was discovered in SaltStack Salt before 3003↗2021-09-08

▶

CVEList

CVE-2021-21996: An issue was discovered in SaltStack Salt before 3003↗2021-09-08

▶

📋Vendor Advisories

Red Hat

salt: user having control of source and source_hash URLs leads to root access↗2021-09-02

▶