Security News > 2020 > May > Hackers Compromise Cisco Servers Via SaltStack Flaws
Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities.
Hackers were able to successfully exploit the flaws incorporated in the latter product, resulting in the compromise of six VIRL-PE backend servers, according to Cisco.
"Cisco infrastructure maintains the salt-master servers that are used with Cisco VIRL-PE," according to Cisco's Thursday alert.
"Those servers were upgraded on May 7, 2020. Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised."
Cisco said that for Cisco CML and Cisco VIRL-PE if the salt-master service is enabled "The exploitability of the product depends on how the product has been deployed." A full list of the impact and recommended action for each deployment option, for each Cisco software release, can be found on Cisco's alert.
News URL
https://threatpost.com/hackers-compromise-cisco-servers-saltstack/156091/
Related news
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- Cisco takes DevHub portal offline after hacker publishes stolen data (source)
- Cisco bug lets hackers run commands as root on UWRB access points (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)