View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-15751 severity moderate: SUSE including 438 source package names (1.4.2:python3-distro-1.5.0-3.5.1, 2.5.3-61.1:python3-distro-1.5.0-3.5.1, …), 1217 product×package rows across 286 product lines (Container caasp/v4/389-ds, Container caasp/v4/salt-api, … (286 product lines)): Fixed 643, Known Not Affected 343, Known Affected 231.
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).