CVE-2017-5200
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
| Software | From | Fixed in |
|---|---|---|
| saltstack / salt | 2016.11.2 | 2016.11.2.x |
| saltstack / salt | 2016.11.1 | 2016.11.1.x |
| saltstack / salt | 2016.11.0 | 2016.11.0.x |
| saltstack / salt | 2016.3.0 | 2016.3.0.x |
| saltstack / salt | 2016.3.1 | 2016.3.1.x |
| saltstack / salt | 2016.3.2 | 2016.3.2.x |
| saltstack / salt | 2016.3.3 | 2016.3.3.x |
| saltstack / salt | 2016.3.4 | 2016.3.4.x |
| saltstack / salt | - | 2015.8.12.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime