Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SaltStack Salt竞争条件问题漏洞
Vulnerability Description
SaltStack Salt是SaltStack公司的一套开源的用于管理基础架构的工具。该工具提供配置管理、远程执行等功能。 SaltStack Salt 3003.3之前版本存在竞争条件问题漏洞,该漏洞源于salt安装程序默认将接受并使用C:saltconf中的一个配置文件,如果该文件在安装程序运行之前就已经存在,则可能破坏软件的正常安装行为。
CVSS Information
N/A
Vulnerability Type
N/A