posted by Fnord666 on Saturday May 30 2020, @10:06PM

Cisco security breach hits corporate servers that ran unpatched software:

Six servers Cisco uses to provide a virtual networking service were compromised by hackers who exploited critical flaws contained in unpatched versions the open source software service relies on, the company disclosed on Thursday.

The May 7 compromise hit six Cisco servers that provide backend connectivity to the Virtual Internet Routing Lab Personal Edition (VIRL-PE), a Cisco service that lets customers design and test network topologies without having to deploy actual equipment. Both the VIRL-PE and a related service, Cisco Modeling Labs Corporate Edition, incorporate the Salt management framework, which contained a pair of bugs that, when combined, was critical. The vulnerabilities became public on April 30.

[...] Cisco said that without updates, any VIRL-PE or CML products that are deployed in standalone or cluster configurations will remain vulnerable to the same sorts of compromises. The company released software updates for the two vulnerable products. Cisco rated the severity of the vulnerabilities with a ranking of 10 out of 10 on the CVSS scale.

The Salt vulnerabilities are CVE-2020-11651, an authentication bypass, and CVE-2020-11652, a directory traversal. Together, they allow unauthorized access to the entire file system of the master salt server that services using Salt rely on. F-Secure, the firm that discovered the vulnerabilities, has a good description of them here.

Salt is described as "Software to automate the management and configuration of any infrastructure or application at scale."
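The summary's point is that the compromised servers were running unpatched Salt; the practical question for a defender is whether a given master is on a fix release or not. The following is an added example, not code from the article, Cisco or the SaltStack project: it parses `salt --version` output and classifies the installed version against the fix releases named in the SaltStack advisory linked on this page (2019.2.4 for the date-based line, 3000.2 for the 3000 line). It assumes that every older branch is unpatched unless a vendor backport has been confirmed separately, and the sample version strings are constructed for the offline demo.

```python
import re
import subprocess

# Fix releases for CVE-2020-11651 / CVE-2020-11652 as published in the SaltStack
# advisory linked above: 2019.2.4 on the date-based line and 3000.2 on the
# integer-numbered line. Assumption made here: every older branch (2018.3,
# 2017.7, ...) is treated as unpatched unless a vendor backport has been
# confirmed separately.
FIX_2019_LINE = (2019, 2, 4)
FIX_3000_LINE = (3000, 2)

# Constructed sample outputs of `salt --version` for the offline demo.
SAMPLE_OUTPUTS = [
    "salt 2019.2.3 (Fluorine)",
    "salt 2019.2.4 (Fluorine)",
    "salt 3000.1 (Neon)",
    "salt 3000.2 (Neon)",
    "salt 3000",
    "salt 2018.3.5 (Oxygen)",
]


def parse_salt_version(text):
    """Return the Salt version as a tuple of ints, or None if none is found.

    Two numbering schemes coexist in 2020: date-based ('2019.2.3') and the
    plain-integer scheme introduced with 3000 ('3000.1', or just '3000').
    """
    m = re.search(r"\b(\d{4}(?:\.\d+)*)\b", text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(version):
    """True when the version predates the fix release for its branch."""
    if version[0] >= 3001:          # 3001 and later shipped after the fix
        return False
    if version[0] == 3000:
        return version < FIX_3000_LINE
    if version[:2] == (2019, 2):
        return version < FIX_2019_LINE
    return True                      # older branches: assumed unpatched


def assess(version_output):
    """Classify one `salt --version` output line as a (version, verdict) pair."""
    version = parse_salt_version(version_output)
    if version is None:
        return None, "unknown"
    return version, ("unpatched" if is_vulnerable(version) else "patched")


def check_local_master():
    """Run `salt --version` on this host and classify the result.

    Returns None when the salt CLI is not installed.
    """
    try:
        proc = subprocess.run(["salt", "--version"], capture_output=True,
                              text=True, check=False)
    except FileNotFoundError:
        return None
    return assess(proc.stdout)


if __name__ == "__main__":
    for line in SAMPLE_OUTPUTS:
        print(f"{line!r:32} -> {assess(line)[1]}")
    local = check_local_master()
    print("this host:", "salt not installed" if local is None else local[1])
```

The version comparison is done on integer tuples rather than strings so that `3000.10` sorts after `3000.2`, and a bare `3000` (no patch level) is correctly treated as earlier than the `3000.2` fix.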

Additional Info: https://community.saltstack.com/blog/critical-vulnerabilities-update-cve-2020-11651-and-cve-2020-11652/

Previously:
(2020-05-04) Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers


  • (Score: 0, Interesting) by Anonymous Coward on Saturday May 30 2020, @10:11PM (#1001182) (3 children)

    Your last story said don't update your software; this story says do update your software.

    Which one should I believe, Soylent Boomers???

  • (Score: 2) by hendrikboom (1125) on Saturday May 30 2020, @11:12PM (#1001212) (1 child)

    Depends on the software.

    • (Score: 0) by Anonymous Coward on Sunday May 31 2020, @12:06AM (#1001222)

      Students, the most intelligent answer you can give to any question is, "It depends."
      Yes, you with your hand up. ... What's that now? You answered, "It depends" during your last thousand job interviews and you were rejected every time?
      What the fuck do I care. I got tenure.

      - Professor Cornelius Boomer

  • (Score: 0) by Anonymous Coward on Sunday May 31 2020, @07:03PM (#1001465)

    Don't update. Switch from Cisco to Huawei... ;)