CVE-2020-25592: salt: salt-netapi improperly validates eauth credentials and tokens

Severity: Critical

CVSS Score: 9.8

In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.