VDB
CVE-2024-22231
CVE-2024-22231
PUBLISHED
Es besteht eine Schwachstelle in SaltStack Salt. Dieser Fehler besteht im Syndic-Cache-Verzeichnis aufgrund eines Directory Traversal Problems. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um ein beliebiges Verzeichnis auf einem Salt-Master zu erstellen.
EPSS 0.58% · 69.2th percentile
Risk Scores
EPSS Score
0.58%
69.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gentoo | Gentoo Linux | |
| SaltStack | SaltStack Salt <3006.6 | |
| SUSE | SUSE Linux | |
| SaltStack | SaltStack Salt <3005.5 |
Timeline
- Jan 31, 2024 CVE Published
- Jun 27, 2024 EPSS Score
- Jul 19, 2024 EPSS Score
- Aug 11, 2024 EPSS Score
- Sep 2, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 17, 2024 EPSS Score
- Oct 30, 2024 Coalition ESS Score
- Nov 8, 2024 EPSS Score
- Dec 2, 2024 EPSS Score
- Dec 8, 2024 CVE Updated
- Dec 24, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0265.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0265 advisory
- https://saltproject.io/security-announcements/2024-01-31-advisory/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017926.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017928.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017929.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017930.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017924.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017927.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018455.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018456.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018459.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018457.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018458.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018462.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018461.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018460.html advisory
- https://security.gentoo.org/glsa/202412-09 advisory