Oval Definition:oval:org.opensuse.security:def:202122004
Revision Date:2022-09-02Version:1
Title:CVE-2021-22004
Description:

An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-22004
SUSE CVE-2021-22004
Platform(s):SUSE CaaS Platform 4.0
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Server Applications 15 SP3
SUSE Linux Enterprise Module for Server Applications 15 SP4
SUSE Linux Enterprise Module for Transactional Server 15 SP3
SUSE Linux Enterprise Module for Transactional Server 15 SP4
SUSE Linux Enterprise Real Time 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Transactional Server 15 SP3 is installed
  • AND salt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-bash-completion is not affected
  • OR salt-doc is not affected
  • OR salt-minion is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • salt-api is not affected
  • OR salt-cloud is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.2 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND Package Information
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-bash-completion is not affected
  • OR salt-doc is not affected
  • OR salt-minion is not affected
  • OR salt-zsh-completion is not affected
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-transactional-update is not affected
  • OR salt-zsh-completion is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-transactional-update is not affected
  • OR salt-zsh-completion is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Real Time 15 SP2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-transactional-update is not affected
  • OR salt-zsh-completion is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Transactional Server 15 SP3 is installed
  • AND salt-transactional-update is not affected
  • OR Package Information
  • SUSE Linux Enterprise Real Time 15 SP2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Enterprise Storage 7 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-transactional-update is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-bash-completion is not affected
  • OR salt-doc is not affected
  • OR salt-minion is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • salt-api is not affected
  • OR salt-cloud is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.0 is installed
  • AND salt is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Transactional Server 15 SP4 is installed
  • AND salt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-bash-completion is not affected
  • OR salt-doc is not affected
  • OR salt-minion is not affected
  • OR salt-zsh-completion is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND
  • salt-api is not affected
  • OR salt-cloud is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.1 is installed
  • AND Package Information
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-minion is not affected
  • OR salt-transactional-update is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Real Time 15 SP2 is installed
  • AND salt is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND
  • python3-salt is not affected
  • OR salt is not affected
  • OR salt-api is not affected
  • OR salt-bash-completion is not affected
  • OR salt-cloud is not affected
  • OR salt-doc is not affected
  • OR salt-fish-completion is not affected
  • OR salt-master is not affected
  • OR salt-minion is not affected
  • OR salt-proxy is not affected
  • OR salt-ssh is not affected
  • OR salt-standalone-formulas-configuration is not affected
  • OR salt-syndic is not affected
  • OR salt-transactional-update is not affected
  • OR salt-zsh-completion is not affected
    • BACK