SaltStack Salt CVE-2020-28972 Certificate Validation Bypass Vulnerability

description-logoDescription

In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.

affected-products-logoAffected Applications

Salt

CVE References

CVE-2020-28972