CVE-2024-38822 – Salt Minion Token Validation Bypass

June 13, 2025

CVE ID : CVE-2024-38822

Published : June 13, 2025, 7:15 a.m. | 2 hours, 49 minutes ago

Description : Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.

Severity: 2.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-38825 – Apache Salt PKI Authentication Bypass

Next Article CVE-2025-4229 – Palo Alto Networks PAN-OS SD-WAN Information Disclosure Vulnerability

Highlights

CVE-2024-1440 – WSO2 Open Redirection Vulnerability

June 2, 2025

CVE ID : CVE-2024-1440

Published : June 2, 2025, 5:15 p.m. | 2 hours, 9 minutes ago

Description : An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site.

By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

Newest LF Decentralized Trust Lab HOPrS identifies if photos have been altered

Fed up with AI scraping your content? This open-source bot blocker can help – here’s how

It’s Ubisoft’s most polished game in years — Assassin’s Creed Shadows on Xbox Series X has a fantastic Amazon Prime Day discount

I’ve accepted that Adobe subscriptions are part of my creative life — but with these discounts, it stings much less than it used to

ChatGPT falls for a “dead grandma” scam and generates Microsoft Windows 7 activation keys — but they’re useless

NativePHP for Mobile v1.1: Smaller, Smarter, and Ready to Scale

NativePHP for Mobile v1.1: Smaller, Smarter, and Ready to Scale

Custom Object Casting in Laravel Models

PHP 8.5 Introduces an INI Diff Option

Mozilla VPN Linux App is Now Available on Flathub

Mozilla VPN Linux App is Now Available on Flathub

It’s Ubisoft’s most polished game in years — Assassin’s Creed Shadows on Xbox Series X has a fantastic Amazon Prime Day discount

I’ve accepted that Adobe subscriptions are part of my creative life — but with these discounts, it stings much less than it used to

CVE-2024-38822 – Salt Minion Token Validation Bypass

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Forget AGI – Meta is going after ‘superintelligence’ now

CVE-2024-7103 – WSO2 Identity Server Reflected XSS

CVE-2025-5585 – SiteOrigin Widgets Bundle Stored Cross-Site Scripting Vulnerability

Linux Schools – Ubuntu-based server based distribution

CVE-2024-1440 – WSO2 Open Redirection Vulnerability

CVE-2024-54172 – IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Request Forgery

How cron and Task Scheduler work in Laravel

SonicWall Issues Patch for Exploit Chain in SMA Devices

CVE-2024-38822 – Salt Minion Token Validation Bypass

Related Posts