9.8

CVSS Score

3.0

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-15751

CVE-2018-15751: SaltStack Salt Remote command execution and incorrect access control when using salt-api

SaltStack Salt 2016.11.x before 2016.11.10, 2017.7.x before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2018-15751

CVE-2018-15751:

9.8

CVSS Score

3.0

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
salt	pip	>= 2017.7.0, < 2017.7.8	2017.7.8
salt	pip	>= 2018.3.0, < 2018.3.3	2018.3.3
salt	pip	>= 2016.11.0, < 2016.11.10	2016.11.10

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability (CVE-2018-15751) stems from improper authentication in salt-api's netapi component. Analysis of SaltStack's release notes and security advisories indicates that:

The REST API endpoints (particularly /run and webhook endpoints) were missing authentication decorators like @auth.requires_auth
Attack patterns show command execution via unauthenticated API requests
The fixes in 2017.7.8/2018.3.3 specifically addressed authentication gaps in the CherryPy implementation
Historical context from similar Salt vulnerabilities shows that RunHandler and WebhookHandler classes were common failure points for auth checks While exact pre-patch code isn't shown, the combination of vulnerability nature, affected components, and Salt's architecture strongly implicates these API endpoint handlers as the vulnerable functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2018-15751: SaltStack Salt Remote command execution and incorrect access control when using salt-api

CVE-2018-15751:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Basic Information

Basic Information

9.8

9.8

CVE-2018-15751: SaltStack Salt Remote command execution and incorrect access control when using salt-api

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI