Authentication Bypass Vulnerability in Salt with PAM External Authentication
CVE-2016-3176 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
Learn more about our External Network Penetration Testing.