{ "id": "CVE-2023-34049", "sourceIdentifier": "security@vmware.com", "published": "2024-11-14T05:15:28.260", "lastModified": "2024-11-15T13:58:08.913", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH.\u00a0Do not make the copy path on the target predictable and ensure we check return codes of the scp command if the copy fails." }, { "lang": "es", "value": "La opci\u00f3n de pre-vuelo de Salt-SSH copia el script al destino en una ruta predecible, lo que permite a un atacante forzar a Salt-SSH a ejecutar su script. Si un atacante tiene acceso a la m\u00e1quina virtual de destino y conoce la ruta al script de pre-vuelo antes de que se ejecute, puede asegurarse de que Salt-SSH ejecute su script con los privilegios del usuario que ejecuta Salt-SSH. No haga que la ruta de copia en el destino sea predecible y aseg\u00farese de verificar los c\u00f3digos de retorno del comando scp si la copia falla." } ], "metrics": { "cvssMetricV31": [ { "source": "security@vmware.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "baseScore": 6.7, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 0.8, "impactScore": 5.9 } ] }, "references": [ { "url": "https://saltproject.io/security-announcements/2023-10-27-advisory/", "source": "security@vmware.com" } ] }