CVE-2017-12791: salt: Directory traversal vulnerability on salt-master via crafted minion IDs

Severity: Critical

CVSS Score: 9.8

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.