ГлавнаяУязвимости → CVE-2024-22232
7.7высокая

CVE-2024-22232

Описание

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.

CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Источники
https://saltproject.io/security-announcements/2024-01-31-advisory/https://saltproject.io/security-announcements/2024-01-31-advisory/