OVAL Reference oval:com.ubuntu.cosmic:def:201752000000000

Oval Definition:

oval:com.ubuntu.cosmic:def:201752000000000

Revision Date:	2017-09-26	Version:	1
Title:	CVE-2017-5200 on Ubuntu 18.10 (cosmic) - medium.
Description:	Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client. Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client. Users of Salt-API and salt-ssh could execute a command on the salt master via a hole when both systems were enabled.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-5200
Platform(s):	Ubuntu 18.10	Product(s):
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed. AND salt package in cosmic, is related to the CVE in some way and has been fixed (note: '2017.7.4+dfsg1-1').