win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs.
2017-08-09T16:29:00.330
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | saltstack | salt_2015 | 5.0 | Yes |
Application | saltstack | salt_2015 | 5.1 | Yes |
Application | saltstack | salt_2015 | 5.2 | Yes |
Application | saltstack | salt_2015 | 5.3 | Yes |
Application | saltstack | salt_2015 | 5.4 | Yes |
Application | saltstack | salt_2015 | 5.5 | Yes |
Application | saltstack | salt_2015 | 8.0 | Yes |