VDB
CVE-2023-20897
CVE-2023-20897
PUBLISHED
Es besteht eine Schwachstelle in SaltStack Salt. Dieser Fehler besteht in Minion Return aufgrund einer unsachgemäßen Behandlung von entschlüsselten Meldungen im Anfrageserver. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
EPSS 0.18% · 38.7th percentile
Risk Scores
EPSS Score
0.18%
38.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SaltStack | SaltStack Salt <3006.2 | |
| Gentoo | Gentoo Linux | |
| SaltStack | SaltStack Salt <3005.2 | |
| SUSE | SUSE Linux | |
| SUSE | SUSE Manager <4.3.8 |
Timeline
- Sep 5, 2023 CVE Published
- Sep 6, 2023 EPSS Score
- Oct 9, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 16, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
- May 24, 2024 EPSS Score
- Jun 25, 2024 EPSS Score
- Jul 28, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2274.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2274 advisory
- https://saltproject.io/security-announcements/2023-08-10-advisory/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016398.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016403.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016404.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016405.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016406.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016391.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016395.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016390.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016389.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016407.html advisory
- https://security.gentoo.org/glsa/202412-09 advisory