CVE-2022-22935

Summary

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.

Affected Software

VendorProductVersion RangeStatus
n/aSaltStack SaltSaltStack Salt prior to 3002.8, 3003.4, 3004.1affected

Weaknesses

  • Minion authentication denial of service

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References