CVE-2021-22004: Improper Authentication
(updated )
An issue was discovered in SaltStack Salt The salt minion installer will accept and use a minion config file at C:\salt\conf
if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
References
Detect and mitigate CVE-2021-22004 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →