CNNVD-202506-1754 Information
Jun 13, 2025
cve
CNNVD ID
CNNVD-202506-1754
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Salt是Salt项目的一个自动化、基础设施管理、数据驱动编排和远程执行应用程序。 Salt存在安全漏洞,该漏洞源于多个方法跳过minion令牌验证,可能导致恶意minion冒充其他minion。
Description (English)
Salt is an automation, infrastructure management, data-driven organization and remote implementation application for the Salt project. There is a security loophole in Salt, which stems from multiple methods of skipping the minion tokens, which may lead to malicious minion impersonating other minion.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Salt
Published
2025-06-13
Last Modified
2026-02-24
References
https://docs.saltproject.io/en/3006/topics/releases/3006.12.html https://docs.saltproject.io/en/3007/topics/releases/3007.4.html
Patch
https://packages.broadcom.com/artifactory/saltproject-generic/
Share on: