CVE-2017-8109

Published: 2017-04-25T17:59Z

Last Modified: 2024-11-21T03:33Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt