Arbitrary Command Execution Vulnerability in SaltStack by Salt Project
CVE-2025-22237

6.7MEDIUM

Key Information:

Vendor: Vmware
Status: Salt
Vendor: CVE Published:; 13 June 2025

What is CVE-2025-22237?

An exploitable vulnerability exists in SaltStack where an attacker, holding a legitimate minion key, can manipulate the 'on demand' pillar functionality. By issuing a specially crafted Git URL, the attacker can trigger arbitrary command execution on the master server. This exploit operates under the privileges of the master process, potentially leading to severe security implications.

Affected Version(s)

SALT 3006.x < 3006.12

SALT 3007.x < 3007.4

References

https://docs.saltproject.io/en/3006/topics/releases/3006....

https://docs.saltproject.io/en/3007/topics/releases/3007....

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2025
Vulnerability Reserved
Jan 2, 2025

Vmware

What is CVE-2025-22237?

Affected Version(s)

References

CVSS V3.1

Timeline