CVE-2025-22241

File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location and is present in the default configuration.

CVSS v3 5.6 MEDIUM

5.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.3 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://docs.saltproject.io/en/3006/topics/releases/3006.12.html
https://docs.saltproject.io/en/3007/topics/releases/3007.4.html

Configurations

No configuration.

History

17 Jun 2025, 18:15

Type	Values Removed	Values Added
CWE		CWE-22

16 Jun 2025, 12:32

Type	Values Removed	Values Added
Summary		(es) El contenido del archivo sobrescribe la clase VirtKey, que se invoca cuando se solicitan datos del pilar bajo demanda y utiliza datos no validados para crear rutas al directorio PKI. Esta función se utiliza para aceptar automáticamente las claves de autenticación de Minion basándose en un archivo de autorización preinstalado en una ubicación específica y está presente en la configuración predeterminada.

13 Jun 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-13 07:15

Updated : 2025-06-17 18:15

NVD link : CVE-2025-22241

Mitre link : CVE-2025-22241

CVE.ORG link : CVE-2025-22241

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

5.6 /10