Vulnerability in Saltstack Salt
CVE-2014-3563
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.
EPSS: 0.001 (33.9th percentile) — read the EPSS interpretation.
Affected products
- Saltstack Salt
- N/a — versions n/a
Weakness classification (CWE)
References
- salt-cve20143563-symlink(95392) (vdb-entry, x_refsource_XF)
- [oss-security] 20140821 Revised: Salt 2014.1.10 released (mailing-list, x_refsource_MLIST, Patch)
- 69319 (vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)