Critical security issue in Salt Stack

Share
Share

Security reseachers have identified a critical security vulnerability in the salt stack management framework.

If your salt “master” was reachable over the network by attackers, attackers could inject code into your salt managed hosts. At this time there are already reports of exploits in the wild.

SUSE has released security updates for its salt packages, please update them as soon as possible.

SUSE also recommends putting the salt master behind a firewall or a seperate network.

We described the problem in our TID

CVE pages:

Share
(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet

Marcus Meissner
2,162 views