CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: suse

Published: 2021-03-03T09:55:16.356867Z

Updated: 2024-09-16T21:03:45.719Z

Reserved: 2021-01-19T00:00:00

Link: CVE-2021-25315

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-03T10:15:13.940

Modified: 2024-11-21T05:54:43.943

Link: CVE-2021-25315

cve-icon Redhat

Severity : Important

Publid Date: 2021-02-17T00:00:00Z

Links: CVE-2021-25315 - Bugzilla