CVE-2016-3176 — Salt Insecure configuration of PAM external authentication service

Description

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.

How to fix CVE-2016-3176

To remediate CVE-2016-3176, upgrade the affected package to a fixed version below.

—upgrade to 2015.5.10 or later
—upgrade to 2015.5.10 or later

Is CVE-2016-3176 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 2015.5.10
from 0, < 2015.5.10, >= 2015.8, < 2015.8.8

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

References (6)

ADVISORYgithub.com/advisories/GHSA-v2rp-9cpj-pfw2
ADVISORYnvd.nist.gov/vuln/detail/CVE-2016-3176
PATCHgithub.com/saltstack/salt
WEBdocs.saltstack.com/en/latest/topics/releases/2015.5.10.html
WEB