Security Onion Blog

Monday, May 4, 2020

SaltStack CVE-2020-11651 and CVE-2020-11652

Two vulnerabilities in SaltStack were recently announced:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11651

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11652

In the current Security Onion 16.04 platform, we use the standard SaltStack packages from the standard Ubuntu repositories.  Ubuntu is currently tracking these as follows:

https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-11651.html

https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-11652.html

We would expect that as soon as Ubuntu updates its packages, then a standard "soup" update would completely remove the vulnerabilities.

UPDATE 2020/08/14 - Ubuntu has released updated packages:

In the meantime, please keep in mind that Security Onion locks down the host-based firewall to only allow connections to the salt ports from known good salt minions.  If you feel the need for additional compensating controls, you may wish to add firewall restrictions to your network firewalls as well.

at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Security Onion 2.4.111 now available!

In October, we released version 2.4.110: https://blog.securityonion.net/2024/10/security-onion-24110-hurricane-helene.html Last week, Surica...

Popular Posts

  • Community Webinars featuring Security Onion
    Thanks to all who attended the Zeek webinar on May 27! For those weren't able to join, the recording should be available soon and we wi...
  • Security Onion 2.4 Base OS
    Introduction Recent events have forced us to change course on the base operating system (OS) for Security Onion 2.4.  On 6/21/2023, Red Hat ...
  • Security Advisory for Squert
    Introduction Jeffrey Medsger reported several command injection and SQL injection vulnerabilities in Squert.  Wes Lambert also discovered s...

Blog Archive