CVE-2022-22934
Published
CVSS v3
8.8
HIGH
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
Software to automate the management and configuration of infrastructure and applications at scale.
GitHub