ZDNet

SaltStack Salt critical bugs allow data center, cloud server hijacking as root

The developers of the open source SaltStack Salt management framework, used in data centers and cloud servers, have warned users to update their builds following the discovery of critical remote code ...
Computer Weekly

Critical SaltStack vulnerability affects thousands of datacentres

A series of critical vulnerabilities in SaltStack’s open source Salt remote task and configuration framework will let hackers breeze past authentication and authorisation safeguards to take over ...
Dark Reading

Configuration Issues in SaltStack IT Tool Put Enterprises at Risk

Researchers have identified a template injection technique against the open source SaltStack IT configuration and orchestration platform, as well as common misconfiguration issues, which could allow ...
ZDNet

Minion privilege escalation exploit patched in SaltStack Salt project

The Salt Project has patched a privilege escalation bug impacting SaltStack Salt minions that could be used during a wider exploit chain. The vulnerability, CVE-2020-28243, is described as a privilege ...