SaltStack Salt CVE-2021-3197 Arbitrary Code Execution Vulnerability

description-logoDescription

An issue was discovered in SaltStack Salt before 3002.5. The salt-api\'s ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

affected-products-logoAffected Applications

Salt

CVE References

CVE-2021-3197