{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T12:54:25.116","vulnerabilities":[{"cve":{"id":"CVE-2023-20897","sourceIdentifier":"security@vmware.com","published":"2023-09-05T11:15:32.973","lastModified":"2025-02-13T17:16:02.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted."},{"lang":"es","value":"Salt masters anteriores a 3005.2 o 3006.2 contienen un DOS en retorno minion. Después de recibir varios paquetes incorrectos en el servidor de solicitudes igual al número de subprocesos de trabajo, el master dejará de responder a las solicitudes de devolución hasta que se reinicie."}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*","versionEndExcluding":"3005.2","matchCriteriaId":"B70F6397-8CB9-47B6-A4BF-C7E4A1017F6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*","versionStartIncluding":"3006.0","versionEndExcluding":"3006.2","matchCriteriaId":"A22FBD43-AC7E-45B9-9EC5-340CF735773E"}]}]}],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/","source":"security@vmware.com"},{"url":"https://saltproject.io/security-announcements/2023-08-10-advisory/","source":"security@vmware.com","tags":["Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://saltproject.io/security-announcements/2023-08-10-advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}