Upstream information

CVE-2013-4437 at MITRE

Description

Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 849205 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.


Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s) Source package State
SUSE CaaS Platform 3.0 salt Released
SUSE Linux Enterprise High Performance Computing 12 salt Already fixed
SUSE Linux Enterprise Module for Advanced Systems Management 12 salt Already fixed
SUSE Linux Enterprise Server 12 salt Already fixed
SUSE Linux Enterprise Server 12 SP3 salt Already fixed
SUSE Linux Enterprise Server 12 SP4 salt Already fixed
SUSE Linux Enterprise Server 12 SP5 salt Already fixed
SUSE Linux Enterprise Server for SAP Applications 12 salt Already fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP3 salt Already fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP4 salt Already fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5 salt Already fixed
SUSE Manager Client Tools Beta for Ubuntu 2004 salt Already fixed
SUSE Manager Client Tools for SLE 12 salt Already fixed
SUSE Manager Client Tools for Ubuntu 1604 salt Already fixed
SUSE Manager Client Tools for Ubuntu 1804 salt Already fixed
SUSE Manager Client Tools for Ubuntu 2004 prometheus-node-exporter Released
SUSE Manager Client Tools for Ubuntu 2004 prometheus-postgres-exporter Released
SUSE Manager Client Tools for Ubuntu 2004 salt Released
SUSE Manager Server Module 4.0 py27-compat-salt Already fixed
SUSE Manager Server Module 4.1 py27-compat-salt Already fixed