Hackers breached six Cisco servers through SaltStack Salt vulnerabilities!
Cisco published an advisory saying that, on May 7, 2020, they’ve discovered the compromise of six of their salt-master servers, which are part of the Cisco VIRL-PE (Internet Routing Lab Personal Edition) service infrastructure.
SaltStack Salt is open-source software that is used for managing and monitoring servers in datacenters and cloud environments.
It is installed on a “master” server and it manages “minion” servers via an API agent.
The two recently revealed vulnerabilities – CVE-2020-11651 (an authentication bypass flaw) and CVE-2020-11652 (a directory traversal flaw) – can be exploited by unauthenticated, remote attackers to achieve RCE as root on both masters and minions.
The company has remediated the affected servers on the same day and has provided software updates that address these vulnerabilities so that enterprise admins that installed these solutions on-premises can fix them.
Cisco did not say what the attackers’ ultimate goal was, but in previously disclosed attacks, their intent was to install crypto coin miners.
Leis an méadú ar threochtaí teicneolaíochta go leor, tá na buntáistí ag baint le gach tionscal. Different technologies…
Is é cearrbhachas ar líne an gnáthchearrbhachas is déanaí i saol digiteach luas tapa an lae inniu. The internet now offers…
Séasúr cánach: tráth den bhliain tá faitíos ar go leor daoine aonair agus gnólachtaí. The weight of ensuring…
As we enter in the final months of 2023, we can talk more clearly about…
Ó scaoileadh i 2011, Minecraft has become one of the most played video games…
Tá Minecraft gníomhach le breis agus deich mbliana anuas, and in that time it has…
This website uses cookies.