{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-22237", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2025-01-02T04:30:06.833Z", "datePublished": "2025-06-13T06:55:39.704Z", "dateUpdated": "2025-06-14T03:56:05.071Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "Salt", "product": "SALT", "vendor": "VMware", "versions": [{"lessThan": "3006.12", "status": "affected", "version": "3006.x", "versionType": "lts"}, {"lessThan": "3007.4", "status": "affected", "version": "3007.x", "versionType": "sts"}]}], "datePublic": "2025-06-12T07:33:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.<br></p>"}], "value": "An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-13T06:55:39.704Z"}, "references": [{"url": "https://docs.saltproject.io/en/3006/topics/releases/3006.12.html"}, {"url": "https://docs.saltproject.io/en/3007/topics/releases/3007.4.html"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE-2025-22237 salt advisory", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-13T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-22237"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-14T03:56:05.071Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-22237", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-13T13:52:41.237579Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-13T13:52:54.401Z"}}], "cna": {"title": "CVE-2025-22237 salt advisory", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VMware", "product": "SALT", "versions": [{"status": "affected", "version": "3006.x", "lessThan": "3006.12", "versionType": "lts"}, {"status": "affected", "version": "3007.x", "lessThan": "3007.4", "versionType": "sts"}], "packageName": "Salt", "defaultStatus": "unaffected"}], "datePublic": "2025-06-12T07:33:00.000Z", "references": [{"url": "https://docs.saltproject.io/en/3006/topics/releases/3006.12.html"}, {"url": "https://docs.saltproject.io/en/3007/topics/releases/3007.4.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.", "supportingMedia": [{"type": "text/html", "value": "<p>An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.<br></p>", "base64": false}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-13T06:55:39.704Z"}}}, "cveMetadata": {"cveId": "CVE-2025-22237", "state": "PUBLISHED", "dateUpdated": "2025-06-14T03:56:05.071Z", "dateReserved": "2025-01-02T04:30:06.833Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2025-06-13T06:55:39.704Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process."}, {"lang": "es", "value": "Un atacante con acceso a una clave de subordinado puede explotar la funcionalidad del pilar \"a pedido\" con una URL git especialmente manipulada que podr\u00eda hacer que se ejecute un comando arbitrario en el maestro con los mismos privilegios que el proceso maestro."}], "id": "CVE-2025-22237", "lastModified": "2025-06-13T14:15:19.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2025-06-13T07:15:21.010", "references": [{"source": "security@vmware.com", "url": "https://docs.saltproject.io/en/3006/topics/releases/3006.12.html"}, {"source": "security@vmware.com", "url": "https://docs.saltproject.io/en/3007/topics/releases/3007.4.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}