cbcvebase.
CVE-2021-31607
published 2021-04-23

CVE-2021-31607: In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion…

PriorityP346high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
3.81%
88.7th percentile
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).

Affected

5 ranges
VendorProductVersion rangeFixed in
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
saltstacksalt>= 2016.11.0 < 3003rc13003rc1
saltstacksalt2016.9 – 3002.6

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.