ZDNet

Minion privilege escalation exploit patched in SaltStack Salt project

The Salt Project has patched a privilege escalation bug impacting SaltStack Salt minions that could be used during a wider exploit chain. The vulnerability, CVE-2020-28243, is described as a privilege ...
Bleeping Computer

SaltStack reveals new critical vulnerabilities, patch now

SaltStack, a VMware-owned company, has revealed critical vulnerabilities impacting Salt versions 3002 and prior, with patches available as of today. Salt is an open-source IT infrastructure management ...
ZDNet

SaltStack revises partial patch for command injection, privilege escalation vulnerability

The Salt Project has issued a secondary fix for a command injection vulnerability after the first attempt to patch the issue partially failed. The vulnerability, tracked as CVE-2020-28243, impacts ...