What is CVE-2021-25281?

CVE-2021-25281 is a vulnerability in N/a. Published 2021-02-27.

Is CVE-2021-25281 known to be exploited?

27 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.

EPSS: 0.938 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

github.com/saltstack/salt/releases
www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
FEDORA-2021-904a2dbc0c (vendor-advisory)
FEDORA-2021-5756fbf8a6 (vendor-advisory)
FEDORA-2021-43eb5584ad (vendor-advisory)
GLSA-202103-01 (vendor-advisory)
packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-…
[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update (mailing-list)
DSA-5011 (vendor-advisory)

Frequently asked questions

What is CVE-2021-25281?: CVE-2021-25281 is a vulnerability in N/a. Published 2021-02-27.
Is CVE-2021-25281 known to be exploited?: 27 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.