{"uuid": "6829797a-058c-45fd-b9e1-da445e191d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25281", "type": "seen", "source": "https://t.me/cibsecurity/24281", "content": "\u203c CVE-2021-25281 \u203c\n\nAn issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-27T07:40:09.000000Z"}