Denial of service vulnerability in SaltStack Salt - CVE-2023-20897ID: oval:org.secpod.oval:def:95620 | Date: (C)2023-12-07 (M)2024-01-03 |
Class: VULNERABILITY | Family: windows |
The host is installed with SaltStack Salt before 3005.2 or 3006.0 before 3006.2 and is prone to a denial of service vulnerability. A flaw exists exists within the application, which fails to properly handle the minion return. On successful exploitation, after receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Platform: |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |