Eauth Token Reuse Vulnerability in SaltStack Salt

Eauth Token Reuse Vulnerability in SaltStack Salt

CVE-2021-3144 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

Learn more about our Web Application Penetration Testing UK.