CVE Published: 29/03/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: vmware |
Vendor: n/a |
Product: SaltStack Salt Status : PUBLISHED
CVE-2022-22934 Description
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.