Security News > 2020 > May > Cisco Servers Hacked via Salt Vulnerabilities

Now, Cisco reveals that salt-master servers that are used with Cisco Virtual Internet Routing Lab Personal Edition were upgraded on May 7, and that, on the same day, they were found to have been compromised through the aforementioned vulnerabilities.

"Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised. The servers were remediated on May 7, 2020," the company announced in an advisory.

"Cisco VIRL-PE connects back to Cisco maintained Salt Servers that are running the salt-master service. These servers are configured to communicate with a different Cisco salt-master server, depending on which release of Cisco VIRL-PE software is running. Administrators can check the configured Cisco salt-master server by navigating to VIRL Server > Salt Configuration and Status," the company explains.

Cisco Modeling Labs Corporate Edition, which is also impacted by the Salt vulnerabilities, does not connect to Cisco-maintained Salt Servers.

"For any installation that is found with salt-master service running Cisco would recommend either inspecting the machine for compromise or doing a re-image of the machine and installing the latest version of Cisco CML or Cisco VIRL-PE," the company adds.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/JYn2ZUnuX8o/cisco-servers-hacked-salt-vulnerabilities