Cisco Roundup Six servers have been compromised via SaltStack vulnerabilities, according to a company statement.
The compromised systems acted as salt-master servers for versions 1.2 and 1.3 of the Cisco Virtual Internet Routing Lab Personal product Edition (VIRL-PE).
Of course, all of the company's customer facilities on these Cisco servers are affected.
Το SaltStack είναι ένα εργαλείο για τη διαχείριση λογισμικού που τρέχει σε απομακρυσμένα συστήματα. Η εφαρμογή εξέδωσε ενημερώσεις ασφαλείας στα τέλη Απριλίου για two vulnerabilities that can be exploited by malicious users to gain control over hosts.
So Cisco tested six VIRL-PE salt-master servers (us-1.virl.info, us-2.virl.info, us-3.virl.info, us-4.virl.info, vsm-us-1 .irl.info and vsm-us-2.virl.info) on May 7, and found that they had been violated.
According to one Publication of the company on May 28:
The Cisco infrastructure maintains the master-salt servers used with Cisco VIRL-PE. These servers were upgraded on May 7, 2020. Cisco found that the salt-master servers serving versions 1.2 and 1.3 of Cisco VIRL-PE had been compromised.
Cisco says it has fixed two critical vulnerabilities in SaltStack (CVE-2020-11651 and CVE-2020-11652) on the VIRL-PE platform and Cisco Modeling Labs Corporate Edition (CML).
To mention that Cisco hardware and infrastructure is used by the Greek State but also by many large companies and organizations.
Meanwhile, Cisco has acquired monitoring firm ThousandEyes in a deal believed to be worth a total of $1 billion δολάρια. Η εταιρεία του San Francisco θα συγχωνευθεί με τη νέα επιχειρηματική μονάδα της Cisco Networking Services.
