Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25284PUBLISHED: 2021-02-27An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144PUBLISHED: 2021-02-27In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148PUBLISHED: 2021-02-27An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...
CVE-2021-3197PUBLISHED: 2021-02-27An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
User Rank: Guru
10/11/2015 | 3:48:47 AM
In the words of Walt Disney ""If you can dream it, you can do it."
I can't anymore. I've been on my own since I was 14 and now I am 24 with no formal education. I struggle to make ends meet and I have no support. I have to do everything on my own and I've reached out to so many people to help me but I get turned away.
There is only so many no's/you can't that a kid can deal with and I've reached the end of my rope. I've given up on my career, on my life really. You'll probably read my obituary before you read that I've succeeded in getting into CyberSec