Security News > 2020 > May > Hackers breached six Cisco servers through SaltStack Salt vulnerabilities
Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was among the victims.
The revelation was made on Thursday, when Cisco published an advisory saying that, on May 7, 2020, they've discovered the compromise of six of their salt-master servers, which are part of the Cisco VIRL-PE service infrastructure.
SaltStack Salt is open source software that is used for managing and monitoring servers in datacenters and cloud environments.
"Cisco Modeling Labs Corporate Edition and Cisco Virtual Internet Routing Lab Personal Edition incorporate a version of SaltStack that is running the salt-master service that is affected by these vulnerabilities," Cisco shared.
"Cisco infrastructure maintains the salt-master servers that are used with Cisco VIRL-PE. Those servers were upgraded on May 7, 2020. Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/VxZFHyZIk7s/
Related news
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
- APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP (source)
- Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)