VYPR
Critical severityNVD Advisory· Published Feb 27, 2021· Updated Aug 3, 2024

CVE-2021-3144

CVE-2021-3144

Description

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
saltPyPI
< 2015.8.132015.8.13
saltPyPI
>= 2016.3.0, < 2016.11.52016.11.5
saltPyPI
>= 2016.11.7, < 2016.11.102016.11.10
saltPyPI
>= 2017.5.0, < 2017.7.82017.7.8
saltPyPI
>= 2018.2.0, <= 2018.3.5
saltPyPI
>= 3000, < 3000.73000.7
saltPyPI
>= 3001, < 3001.53001.5
saltPyPI
>= 3002, < 3002.33002.3
saltPyPI
>= 2019.2.0, < 2019.2.82019.2.8

Affected products

32

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.