Hackers breached six Cisco servers through SaltStack Salt vulnerabilities

Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was among the victims.
The revelation was made on Thursday, when Cisco published an advisory saying that, on May 7, 2020, it had discovered the compromise of six of its salt-master servers, which are part of the Cisco VIRL-PE service infrastructure.
SaltStack Salt is open source software that is used for managing and monitoring servers in datacenters and cloud environments.
"Cisco Modeling Labs Corporate Edition and Cisco Virtual Internet Routing Lab Personal Edition incorporate a version of SaltStack that is running the salt-master service that is affected by these vulnerabilities," Cisco shared.
"Cisco infrastructure maintains the salt-master servers that are used with Cisco VIRL-PE. Those servers were upgraded on May 7, 2020. Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/VxZFHyZIk7s/