Download
| Alert*
|
oval:org.secpod.oval:def:89046182
This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ... oval:org.secpod.oval:def:88794 The host is installed with SaltStack Salt before 3002.8, 3003 before 3003.4, or 3004 before 3004.1 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to handle when configured as a Master-of-Masters, with a publisher_acl. Successful exploitation ... oval:org.secpod.oval:def:89046178 This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ... oval:org.secpod.oval:def:89046179 This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ... oval:org.secpod.oval:def:89047497 This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ... |
