""ET EXPLOIT Possible Saltstack Authentication Bypass CVE-2020-11651 M1""
SID: 2030071
Revision: 2
Class Type: attempted-admin
Metadata: affected_product Linux, attack_target Server, created_at 2020_05_01, cve CVE_2020_11651, deployment Perimeter, signature_severity Major, updated_at 2020_05_01
Reference:
-
cve
-
2020-11651
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: any
Destination Port: 4506
Flow: established,to_server
Contents:
- Value: "_prep_auth_info"
Within:
PCRE:
Special Options: