Directory traversal vulnerability in SaltStack Salt- CVE-2020-11652ID: oval:org.secpod.oval:def:62951 | Date: (C)2020-05-04 (M)2023-12-26 |
Class: VULNERABILITY | Family: windows |
The host is installed with SaltStack Salt before 2019.2.4 or 3000.x before 3000.2 and is prone to a directory traversal vulnerability. A flaw exists exists within the application, which fails to properly handle an issue in the wheel module. Successful exploitation could allow remote attackers to read files outside of the intended directory.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
SaltStack Salt |
SaltStack Salt 3000.x |