Security News > 2020 > May > Hackers breached six Cisco servers through SaltStack Salt vulnerabilities
Earlier this month, when F-Secure publicly revealed the existence of two vulnerabilities affecting SaltStack Salt and attackers started actively exploiting them, Cisco was among the victims.
The revelation was made on Thursday, when Cisco published an advisory saying that, on May 7, 2020, they've discovered the compromise of six of their salt-master servers, which are part of the Cisco VIRL-PE service infrastructure.
SaltStack Salt is open source software that is used for managing and monitoring servers in datacenters and cloud environments.
"Cisco Modeling Labs Corporate Edition and Cisco Virtual Internet Routing Lab Personal Edition incorporate a version of SaltStack that is running the salt-master service that is affected by these vulnerabilities," Cisco shared.
"Cisco infrastructure maintains the salt-master servers that are used with Cisco VIRL-PE. Those servers were upgraded on May 7, 2020. Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/VxZFHyZIk7s/
Related news
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- Cisco takes DevHub portal offline after hacker publishes stolen data (source)
- Exploited: Cisco, SharePoint, Chrome vulnerabilities (source)
- Cisco bug lets hackers run commands as root on UWRB access points (source)