Aqua CSPM

AZURE › Network Security Groups ›

Open Salt

Quick Info


Plugin Title	Open Salt
Cloud	AZURE
Category	Network Security Groups
Description	Determine if TCP ports 4505 or 4506 for the Salt master are open to the public
More Info	Active Salt vulnerabilities, CVE-2020-11651 and CVE-2020-11652 are exploiting Salt instances exposed to the internet. These ports should be closed immediately.
AZURE Link	https://help.saltstack.com/hc/en-us/articles/360043056331-New-SaltStack-Release-Critical-Vulnerability
Recommended Action	Restrict TCP ports 4505 and 4506 to known IP addresses

Detailed Remediation Steps

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.

Sign up for free

Cloud native security as-a-service

Aqua Wave

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2021 Aqua Security Software Ltd. Privacy Policy | Terms of Use