MEDIUM
Source
CloudSploit
ID
open-salt

Open Salt

Determine if TCP ports 4505 or 4506 for the Salt master are open to the public

Active Salt vulnerabilities, CVE-2020-11651 and CVE-2020-11652 are exploiting Salt instances exposed to the internet. These ports should be closed immediately.

Restrict TCP ports 4505 and 4506 to known IP addresses