SaltStack.salt.wheel.pillar_roots.write.Directory.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in SaltStack Salt.
The vulnerability is due to improper validation of user-supplied in the pillar_roots.write method. A remote attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted server. Successful exploitation can result in arbitrary file creation and, in the worst case, remote code execution in the context of the root user.

affected-products-logoAffected Products

SaltStack Salt prior to 3000.7
SaltStack Salt prior to 3001.5
SaltStack Salt prior to 3002.3

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-05-13 18.079 Sig Added
2021-04-06 18.052 Sig Added
2021-03-23 18.043 Default_action:pass:drop
2021-03-11 18.034