High severity7.5NVD Advisory· Published Aug 25, 2017· Updated May 13, 2026
CVE-2015-4017
CVE-2015-4017
Description
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saltPyPI | < 2014.7.6 | 2014.7.6 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.openwall.com/lists/oss-security/2015/05/19/2nvdMailing ListPatchThird Party AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryWEB
- docs.saltstack.com/en/latest/topics/releases/2014.7.6.htmlnvdPatchRelease NotesVendor AdvisoryWEB
- github.com/advisories/GHSA-8j9g-c9rp-jvg4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-4017ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-31.yamlghsaWEB
- groups.google.com/forum/ghsaWEB
- groups.google.com/forum/nvd
News mentions
0No linked articles in our index yet.