Miggo Logo
Miggo Vulnerability Database
CVE-2020-11652

CVE-2020-11652: SaltStack Salt is vulnerable Arbitrary Directory Access

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2020-11652
GHSA ID
GHSA-vp49-2g4r-m3x3
EPSS Score
0.99869%
CWE
CWE-20
Published
5/24/2022
Updated
10/26/2024
KEV Status
Yes
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
saltpip< 2019.2.42019.2.4
saltpip>= 3000, < 3000.23000.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability (CVE-2020-11652) explicitly references improper path sanitization in SaltStack Salt's ClearFuncs class. The ClearFuncs class handles master-minion communication, and methods like _file_trans (file transfer logic) and wheel (executing privileged operations) are critical points where path validation would occur. Advisories and release notes indicate these methods lacked proper sanitization, allowing path traversal. The high confidence stems from the direct association of ClearFuncs with the vulnerability description and the nature of the CWE-22 (path traversal) flaw.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in S*ltSt**k S*lt ***or* ****.*.* *n* **** ***or* ****.*. T** s*lt-m*st*r pro**ss *l**r*un*s *l*ss *llows ****ss to som* m*t*o*s t**t improp*rly s*nitiz* p*t*s. T**s* m*t*o*s *llow *r*itr*ry *ir**tory ****ss to *ut**nti**t** u

Reasoning

T** vuln*r**ility (*V*-****-*****) *xpli*itly r***r*n**s improp*r p*t* s*nitiz*tion in S*ltSt**k S*lt's *l**r*un*s *l*ss. T** *l**r*un*s *l*ss **n*l*s m*st*r-minion *ommuni**tion, *n* m*t*o*s lik* _*il*_tr*ns (*il* tr*ns**r lo*i*) *n* w***l (*x**utin