MEDIUM
Source
CloudSploit
ID
open-salt

Open Salt

Ensure that security groups does not have TCP ports 4505 or 4506 for the Salt master open to the public.

Active Salt vulnerabilities, CVE-2020-11651 and CVE-2020-11652 are exploiting Salt instances exposed to the internet. These ports should be closed immediately.

Restrict TCP ports 4505 and 4506 to known IP addresses