Cisco has once again made it to the news. But this time, it isn’t because of bug fixes, rather a security breach. As revealed, criminals targeted Cisco servers exploiting the SaltStack vulnerability.
Recently, Cisco has announced a security breach affecting part of its IT structure. Specifically, the breach affected some servers serving the backend infrastructure of Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE).
As explained in Cisco’s advisory, Cisco noted that the affected servers were running the vulnerable salt-master service. Hence, the two SaltStack vulnerabilities disclosed earlier this month allowed the hackers to breach Cisco servers.
As stated in the advisory,
Consequently, the breach affected the Cisco Modeling Labs Corporate Edition (CML) and VIRL-PE.
Specifically, the affected servers were servicing the Cisco VIRL-PE releases 1.2 and 1.3. The compromised servers include,