CVE-2015-6941 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 60%

Vendor	Product	Version
saltstack	salt_2015	5.0
saltstack	salt_2015	5.1
saltstack	salt_2015	5.2
saltstack	salt_2015	5.3
saltstack	salt_2015	5.4
saltstack	salt_2015	5.5
saltstack	salt_2015	8.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

salt

disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	ignored
vivid	ignored
trusty	Fixed 0.17.5+ds-1ubuntu0.1~esm1 released
precise	dne

Common Weakness Enumeration

CWE-534 - DEPRECATED: Information Exposure Through Debug Log Files
This entry has been deprecated because its abstraction was too low-level. See CWE-532.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1273066

https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html

https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html

https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710

https://bugzilla.redhat.com/show_bug.cgi?id=1273066

https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html

https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html

https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710