Alibaba > ECS >

Open Salt

MEDIUM

Source

CloudSploit

open-salt

management console

Open Salt

Ensure that security groups does not have TCP ports 4505 or 4506 for the Salt master open to the public.

Active Salt vulnerabilities, CVE-2020-11651 and CVE-2020-11652 are exploiting Salt instances exposed to the internet. These ports should be closed immediately.

Recommended Actions

Restrict TCP ports 4505 and 4506 to known IP addresses

Links

https://www.alibabacloud.com/help/doc-detail/25471.htm

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.