Cisco hacked: Six backend servers used by customer VIRL-PE deployments compromised via SaltStack

2020-05-31 09:32

Six Cisco-operated servers were hacked via SaltStack security vulnerabilities, the networking giant revealed this week.

The compromised systems act as the salt-master servers for releases 1.2 and 1.3 of Cisco's Virtual Internet Routing Lab Personal Edition product, and customer installations connect to these Cisco-maintained backend boxes.

Cisco patched the six VIRL-PE salt-master boxes - us-1.virl.

In the same advisory, Cisco said it has patched the two critical SaltStack vulnerabilities - CVE-2020-11651 and CVE-2020-11652 - in VIRL-PE and Cisco Modeling Labs Corporate Edition.

Cisco acquired internet and network monitoring biz ThousandEyes in a deal thought to total $1bn. The San Francisco upstart will be merged with Cisco's new Networking Services business unit.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/05/31/cisco_security_roundup/

#cisco #hacked #server #CVE-2020-11651 #CVE-2020-11652

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-30	CVE-2020-11651	An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. network low complexity saltstack opensuse debian canonical vmware	7.5
2020-04-30	CVE-2020-11652	Path Traversal vulnerability in multiple products An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. network low complexity saltstack opensuse debian canonical blackberry vmware CWE-22	4.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		4442	231	3052	1816	603	5702
Saltstack		5	4	17	20	14	55