VYPR
Critical severity9.8NVD Advisory· Published Jan 17, 2020· Updated Jun 17, 2026

CVE-2019-17361

CVE-2019-17361

Description

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
saltPyPI
< 2019.2.32019.2.3

Affected products

15

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.