Saltstack remote code execution : CVE-2020–16846
Hi readers!! In this blog, I am talking about saltstack and latest vulnerability of remote code execution. Saltstack also known as Salt. and It is used in DevOps.
What is SaltStack?
SaltStack, also known as Salt, is a configuration management and orchestration tool. It uses a central repository to provision new servers and other IT infrastructure, to make changes to existing ones, and to install software in IT environments, including physical and virtual servers, as well as the cloud.
How does SaltStack use in DevOps organizations?
Salt is used in DevOps organizations because it pulls developer code and configuration information from a central code repository, such as GitHub or Subversion, and pushes that content remotely out to servers. Salt users can write their own scripts and programs, and can download prebuilt configurations that other users have contributed to a public repository.
Understand the keywords in simple language Configuration management and Orchestration
Configuration management : A telecom firm maintains a configuration management database that includes relationships between components. This is used to automatically determine the impact of failures. For example, if a router goes down the firm has immediate access to a list of impacted services and customers. The company phones customers to tell them their service is down before they typically notice. Large corporate customers appreciate this service as they are accustomed to having to push telecom companies to fix problems.
Orchestration : For example, orchestrating an app means not only deploying an application, but also connecting it to the network so it can communicate with users and other apps. In the cloud, orchestration is often key to ensuring that automated spin-up activities like auto-scaling take place in the right order, with the right security rules and permissions in place.
SaltStack vulnerabilities
SaltStack officially disclosed two vulnerabilities, CVE-2020–16846 and CVE-2020–25592. CVE-2020–25592 allows arbitrary user to use the SSH module, and CVE-2020–16846 allows users to execute arbitrary commands. Chain these two vulnerabilities will allow unauthorized attackers to execute arbitrary commands through the Salt API.
Vulnmachines — Place for Penetration Testers
Vulnmachines platform is for people who are willing to learn about real time pentesting and CVE exploits. In vulnmachines, you can learn individual or as team you can join. I have created lots of task based on CVE, Web app security and based on real time pentesting that will help you to improve your knowledge and understanding of how exploits works. Check out the platform click here.
CVE PoC channel
Twitter : Rapid SafeGuard
Facebook Group : Vulnmachines
