CVE-2022-22934 is a vulnerability in SaltStack Salt
Published on March 29, 2022
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minions public key, which can result in attackers substituting arbitrary pillar data.
Products Associated with CVE-2022-22934
Want to know whenever a new CVE is published for SaltStack Salt? stack.watch will email you.
Exploit Probability
EPSS
0.12%
Percentile
31.09%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.