CVE-2025-62349 — Improper Authentication in Project Salt

CWE-287 — Improper Authentication8 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.0%

top 91.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Salt Project Salt Saltstack Salt

Timeline

PublishedJan 30

Description

Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to prior issues.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶PyPIsaltstack/salt3006.12 — 3006.17+1

▶CVEListV5salt_project/salt3006.12 — 3006.17+1

🔴Vulnerability Details

OSV

CVE-2025-62349: Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features↗2026-01-30

▶

OSV

Salt Authentication Protocol Version Downgrade Allows Minion Impersonation↗2026-01-30

▶

GHSA

Salt Authentication Protocol Version Downgrade Allows Minion Impersonation↗2026-01-30

▶

🕵️Threat Intelligence

Wiz

CVE-2025-67726 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-67725 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-62349 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-67724 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶