Low severity3.3NVD Advisory· Published Jan 30, 2017· Updated Jun 17, 2026
CVE-2015-8034
CVE-2015-8034
Description
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saltPyPI | < 2015.8.3 | 2015.8.3 |
Affected products
5- ghsa-coords4 versionspkg:pypi/saltpkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%201.0pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%202pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%202.1
< 2015.8.3+ 3 more
- (no CPE)range: < 2015.8.3
- (no CPE)range: < 2014.1.10-8.4
- (no CPE)range: < 2014.1.10-6.4
- (no CPE)range: < 2014.1.10-8.4
Patches
Vulnerability mechanics
References
7- docs.saltstack.com/en/latest/topics/releases/2015.8.3.htmlnvdRelease NotesVendor AdvisoryWEB
- github.com/advisories/GHSA-6prw-8xhm-h247ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-8034ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-32.yamlghsaWEB
- github.com/saltstack/salt/issues/28455ghsaWEB
- web.archive.org/web/20200227192308/http://www.securityfocus.com/bid/96390ghsaWEB
- www.securityfocus.com/bid/96390nvd
News mentions
0No linked articles in our index yet.