CVE-2014-3563 – salt

Package

Manager: pip
Name: salt
Vulnerable Version: >=0 <2014.1.10

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.0014 pctl0.3478

Details

SaltStack Salt Insecure Temporary File Creation Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

Metadata

Created: 2022-05-17T01:24:39Z
Modified: 2024-10-21T21:23:08Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mfr3-9cj8-h2qm/GHSA-mfr3-9cj8-h2qm.json
CWE IDs: ["CWE-59"]
Alternative ID: GHSA-mfr3-9cj8-h2qm
Finding: F076
Auto approve: 1