CVE-2020-28243 – An issue was discovered in SaltStack Salt before 3002.5. The minion’s restartcheck is vuln …

Vuln ID: CVE-2020-28243

Published:  2021-02-27  05:15:13Z

Description: An issue was discovered in SaltStack Salt before 3002.5. The minion’s restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

Source: NVD.NIST.GOV

 


Date:

Categorie(s):

Tag(s):