CVE-2020-11651: 
Python vulnerability analysis and mitigation

CVE-2020-11651 is a critical authentication bypass vulnerability discovered in SaltStack Salt before versions 2019.2.4 and 3000.2. The vulnerability was identified in April 2020 and affects the salt-master process ClearFuncs class, which fails to properly validate method calls (CVE-2020-11651, SaltStack Release).

The vulnerability exists in the salt-master process ClearFuncs class where method calls are not properly validated. This allows remote users to access certain methods without authentication, which can be exploited to retrieve user tokens from the salt master and execute arbitrary commands on salt minions. The vulnerability has been assigned a CVSS v3 base score of 10.0, indicating critical severity (Rapid7).

The impact of this vulnerability is severe as it allows unauthorized access to critical system functions. An attacker with network access to ports 4505 or 4506 on the affected salt-master can potentially retrieve user tokens and execute arbitrary commands on connected salt minions, effectively gaining complete control over the salt infrastructure (VMware Advisory).

The primary mitigation is to upgrade to Salt version 2019.2.4 or 3000.2 or later. For systems that cannot be immediately upgraded, network-level controls should be implemented to restrict access to the salt-master ports (4505 and 4506). Multiple vendors have released patches for their affected products, including Ubuntu, Debian, and VMware (Ubuntu Notice, Debian LTS).