Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2017-5200

Disclosure Date: September 26, 2017 (last updated November 26, 2024)

Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.

Attacker Value

Unknown

CVE-2017-5192

Disclosure Date: September 26, 2017 (last updated November 26, 2024)

When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2017-5200

Unknown

CVE-2017-5192

Quick Cookie Notification