High severity8.8NVD Advisory· Published Jun 23, 2022· Updated Jun 17, 2026
CVE-2022-22967
CVE-2022-22967
Description
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saltPyPI | < 3002.9 | 3002.9 |
saltPyPI | >= 3003.0, < 3003.5 | 3003.5 |
saltPyPI | >= 3004.0, < 3004.2 | 3004.2 |
Affected products
38- ghsa-coords37 versionspkg:pypi/saltpkg:rpm/opensuse/salt&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/salt&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/salt&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Advanced%20Systems%20Management%2012pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Transactional%20Server%2015%20SP3pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Transactional%20Server%2015%20SP4pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/salt&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/salt&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/salt&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/salt&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Server%20Module%204.3
< 3002.9+ 36 more
- (no CPE)range: < 3002.9
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150400.8.8.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150000.8.41.40.1
- (no CPE)range: < 3004-150000.8.41.40.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3000-65.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150400.8.8.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150400.8.8.1
- (no CPE)range: < 3004-150300.53.24.1
- (no CPE)range: < 3004-150400.8.8.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150000.8.41.40.1
- (no CPE)range: < 3004-150000.8.41.40.1
- (no CPE)range: < 3004-150100.71.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3000-65.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-150200.72.1
- (no CPE)range: < 3004-3.11.1
- (no CPE)range: < 3004-150000.3.11.1
- (no CPE)range: < 3004-150000.3.11.1
- (no CPE)range: < 3004-150000.3.11.1
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-fpxm-fprw-6hxjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-22967ghsaADVISORY
- repo.saltproject.ionvdProductVendor Advisory
- security.gentoo.org/glsa/202310-22nvdThird Party AdvisoryWEB
- github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-210.yamlghsaWEB
- repo.saltproject.ioghsaWEB
- saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2CnvdBroken Link
- saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/,ghsaWEB
News mentions
0No linked articles in our index yet.