Main Vulnerability Database SB2021062235

SB2021062235 - SUSE update for Salt

Published: June 22, 2021

Security Bulletin ID SB2021062235

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Incorrect Implementation of Authentication Algorithm (CVE-ID: CVE-2021-25315)

The vulnerability allows a local user to escalate privileges on the system.

the vulnerability exists due to incorrect implementation of authentication algorithm in SUSE implementation of salt before 3002.2-3. A local user can execute arbitrary code via salt without providing valid credentials.

2) Command Injection (CVE-ID: CVE-2021-31607)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to command injection in the snapper module. A local user can escalate privileges on a minion.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2021/suse-su-20212104-1/

Vulnerable Software

SUSE Linux Enterprise Server for SAP: 15
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
salt-zsh-completion: before 3002.2-8.41.8.1
salt-bash-completion: before 3002.2-8.41.8.1
salt-minion: before 3002.2-8.41.8.1
salt-doc: before 3002.2-8.41.8.1
salt: before 3002.2-8.41.8.1
python3-salt: before 3002.2-8.41.8.1
salt-fish-completion: before 3002.2-8.41.8.1
salt-syndic: before 3002.2-8.41.8.1
salt-standalone-formulas-configuration: before 3002.2-8.41.8.1
salt-ssh: before 3002.2-8.41.8.1
salt-proxy: before 3002.2-8.41.8.1
salt-master: before 3002.2-8.41.8.1
salt-cloud: before 3002.2-8.41.8.1
salt-api: before 3002.2-8.41.8.1
salt-transactional-update: before 3002.2-8.41.8.1