CVE Vulnerabilities

CVE-2013-4439

Published: Nov 05, 2013 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io minimus.io echohq.com

Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.

Affected Software

Name Vendor Start Version End Version
Salt Saltstack 0.15.0 (including) 0.15.0 (including)
Salt Saltstack 0.15.1 (including) 0.15.1 (including)
Salt Saltstack 0.16.0 (including) 0.16.0 (including)
Salt Saltstack 0.16.2 (including) 0.16.2 (including)
Salt Saltstack 0.16.3 (including) 0.16.3 (including)
Salt Saltstack 0.16.4 (including) 0.16.4 (including)
Salt Saltstack 0.17.0 (including) 0.17.0 (including)
Salt Ubuntu quantal *
Salt Ubuntu raring *
Salt Ubuntu saucy *
Salt Ubuntu upstream *

References