SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). Upstream Changelog: https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
Created heketi tracking bugs for this issue: Affects: fedora-all [bug 1644490] Created salt tracking bugs for this issue: Affects: epel-all [bug 1644492] Affects: fedora-all [bug 1644491]
Until release 1.9 of Kubernetes there where configuration files for installing Kubernetes via Saltstack included in the Kubernetes repository. However the only supported configuration management solution for OpenShift Container Platform 3.x is Ansible [2], therefore OpenShift Container Platform 3.x is not affected by this issue.