This is a summary of the AI-generated 10-question deep analysis of CVE-2021-25281.
Q1: What is this vulnerability? (Essence + Consequences)

**Essence**: SaltStack Salt before 3002.5 has an **authorization issue**: `salt-api` ignores `eauth` credentials for the `wheel_async` client. …

**Root Cause**: **Missing access control**. The system fails to verify authentication credentials (`eauth`) for a specific API client (`wheel_async`). …

**Affected**: **SaltStack Salt** versions **before 3002.5**.
**Component**: Specifically the **salt-api** service and the **wheel_async** client interface. …

**Threshold**: **LOW**.
**Auth**: **No authentication required**. The CVE description explicitly states that `salt-api` does not honor `eauth` credentials.
**Config**: Exploitable if the API is accessible. …

**Self-Check**:
1. Check the Salt version: is it **< 3002.5**?
2. Scan for `salt-api` endpoints.
3. Use the Nuclei template `http/cves/2021/CVE-2021-25281.yaml`.
4. …

**Fixed?**: **YES**.
**Patch**: Upgrade to SaltStack Salt **version 3002.5 or later**.
**Advisory**: The vendor (SaltStack) and distributors (Fedora, Gentoo) have released fixes and advisories.