Event Bus Authorization Bypass in SaltStack Minion by Salt Project
CVE-2025-22236

8.1HIGH

Key Information:

Vendor: Vmware
Status: Salt
Vendor: CVE Published:; 13 June 2025

What is CVE-2025-22236?

A vulnerability in SaltStack Minion allows an attacker with access to a minion key to craft specially-designed messages able to execute jobs on other minions. This event bus authorization bypass poses significant risks for environments utilizing SaltStack for orchestration, particularly in versions 3007.0 and above, where improper validation can lead to unauthorized actions being executed across connected minions.

Affected Version(s)

SALT 3006.x < 3006.12

SALT 3007.x < 3007.4

References

https://docs.saltproject.io/en/3006/topics/releases/3006....

https://docs.saltproject.io/en/3007/topics/releases/3007....

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jun 13, 2025
Vulnerability Reserved
Jan 2, 2025

JSON

Vmware

What is CVE-2025-22236?

Affected Version(s)

References

CVSS V3.1

Timeline