mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
134 lines
4.3 KiB
JSON
134 lines
4.3 KiB
JSON
{
|
|
"id": "CVE-2013-6617",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2013-11-05T18:55:06.277",
|
|
"lastModified": "2024-11-21T01:59:22.417",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El \"salt master\" en Salt (aka SaltStack) 0.11.0 hasta la versi\u00f3n 0.17.0 no libera adecuadamente los privilegios de grupo, lo que hace m\u00e1s f\u00e1cil para un atacante remoto obtener privilegios."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 10.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.11.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "346DEA29-5CAC-4DB2-9E67-2F079CA93E96"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.12.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "470AF174-46C0-4BD3-8679-8CE1B72C96C6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.13.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "02214451-6F5C-4B8C-9C0D-570AA59EBFA4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3D0A0404-071C-4070-8E37-68E7B401A8E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.15.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C779C5D-AF44-41B7-9F7D-F48A77C21D77"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.15.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6837044F-9B5B-41D4-B8ED-878354EC95D6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.16.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C8657106-9D19-4D3A-BF9F-0266FD4D5537"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.16.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B38ECC74-E5D4-4798-B8B0-C11023ED2F0D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.16.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6A3B9B09-9652-4860-949F-7A1056CAC653"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.16.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9BA355D0-0CC3-4A0D-B22D-9B1EA683329F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:saltstack:salt:0.17.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4941BDA-B0E6-4FE5-B90F-9C2A0CF06305"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://docs.saltstack.com/topics/releases/0.17.1.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://docs.saltstack.com/topics/releases/0.17.1.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |