CVE CVE-2020-11652 Mappings

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-11652 n/a uncategorized T1005 Data from Local System
CVE-2020-11652 n/a uncategorized T1190 Exploit Public-Facing Application