CVE-2024-22231 | THREATINT

Description

Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.

PUBLISHED Reserved 2024-01-08 | Published 2024-06-27 | Updated 2024-10-30 | Assigner vmware

MEDIUM: 5.0CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Product status

Default status

unaffected

Any version before 3005.5, 3006.6

affected

References

saltproject.io/security-announcements/2024-01-31-advisory/

cve.org (CVE-2024-22231)

nvd.nist.gov (CVE-2024-22231)

Download JSON

help @ threatint.eu