Privilege Escalation in Salt Master (SaltStack) 0.11.0 - 0.17.0

Privilege Escalation in Salt Master (SaltStack) 0.11.0 - 0.17.0

CVE-2013-6617 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.

Learn more about our Web Application Penetration Testing UK.