CVE-2021-25315

03.03.2021, 10:15

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 35%

Affected Products (NVD)

Vendor	Product	Version
saltstack	salt	𝑥 < 3002.2

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

salt

bionic	needs-triage
focal	dne
groovy	ignored
hirsute	ignored
impish	ignored
jammy	needs-triage
kinetic	ignored
lunar	dne
mantic	dne
noble	dne
trusty	needs-triage
xenial	needs-triage

openSUSE / SLES Releases

openSUSE Product

Release

python3-distro

suse enterprise desktop 15 SP2	1.5.0-3.5.1 fixed
suse enterprise desktop 15 SP3	1.5.0-3.5.1 fixed
suse enterprise desktop 15 SP4	1.5.0-3.5.1 fixed
suse enterprise desktop 15 SP5	1.5.0-3.5.1 fixed
suse enterprise desktop 15 SP6	1.5.0-3.5.1 fixed
suse enterprise sap 15 SP2	1.5.0-3.5.1 fixed
suse enterprise sap 15 SP3	1.5.0-3.5.1 fixed
suse enterprise sap 15 SP4	1.5.0-3.5.1 fixed
suse enterprise sap 15 SP5	1.5.0-3.5.1 fixed
suse enterprise sap 15 SP6	1.5.0-3.5.1 fixed
suse enterprise server 15 SP2	1.5.0-3.5.1 fixed
suse enterprise server 15 SP3	1.5.0-3.5.1 fixed
suse enterprise server 15 SP4	1.5.0-3.5.1 fixed
suse enterprise server 15 SP5	1.5.0-3.5.1 fixed
suse enterprise server 15 SP6	1.5.0-3.5.1 fixed

python3-salt

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

python3-salt-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

salt-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-api

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-api-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-bash-completion

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

salt-bash-completion-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-cloud

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-cloud-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-doc

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

salt-doc-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-fish-completion

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-fish-completion-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-master

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-master-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-minion

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

salt-minion-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-proxy

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-proxy-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-ssh

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-ssh-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-standalone-formulas-configuration

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-standalone-formulas-configuration-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-syndic

suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed

salt-syndic-3004

suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

salt-transactional-update

suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed

salt-zsh-completion

suse enterprise desktop 15 SP2	3002.2-37.1 fixed
suse enterprise desktop 15 SP3	3002.2-6.1 fixed
suse enterprise desktop 15 SP5	3005.1-150500.2.13 fixed
suse enterprise desktop 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise sap 15 SP2	3002.2-37.1 fixed
suse enterprise sap 15 SP3	3002.2-6.1 fixed
suse enterprise sap 15 SP5	3005.1-150500.2.13 fixed
suse enterprise sap 15 SP6	3006.0-150500.4.29.1 fixed
suse enterprise server 15	3002.2-8.41.8.1 fixed
suse enterprise server 15 SP1	3002.2-37.1 fixed
suse enterprise server 15 SP2	3002.2-37.1 fixed
suse enterprise server 15 SP3	3002.2-6.1 fixed
suse enterprise server 15 SP5	3005.1-150500.2.13 fixed
suse enterprise server 15 SP6	3006.0-150500.4.29.1 fixed

salt-zsh-completion-3004

suse enterprise desktop 15 SP4	150400.6.16 fixed
suse enterprise sap 15 SP4	150400.6.16 fixed
suse enterprise server 15 SP4	150400.6.16 fixed

Common Weakness Enumeration

CWE-287 - Improper Authentication
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

References

https://bugzilla.suse.com/show_bug.cgi?id=1182382