VYPR

rpm package

suse/salt&distro=SUSE Enterprise Storage 2.1

pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%202.1

Vulnerabilities (2)

  • CVE-2016-3176MedJan 31, 2017
    affected < 2014.1.10-5.1fixed 2014.1.10-5.1

    Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.

  • CVE-2015-8034LowJan 30, 2017
    affected < 2014.1.10-8.4fixed 2014.1.10-8.4

    The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.