CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: suse
Published: 2021-03-03T09:55:16.356867Z
Updated: 2024-09-16T21:03:45.719Z
Reserved: 2021-01-19T00:00:00
Link: CVE-2021-25315
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-03-03T10:15:13.940
Modified: 2024-11-21T05:54:43.943
Link: CVE-2021-25315
Redhat