Advertisement
Top
image credit: Pexels

Cisco Servers Hacked via Salt Vulnerabilities

May 29, 2020

Via: Security Week
Category:

Rated critical, the vulnerabilities, tracked as CVE-2020-11651 and CVE-2020-11652, were made public at the end of April, when SaltStack patches were released. The issue, however, only appears when unsecure settings are used.

The popular configuration tool uses a Salt Master to collect reports from agents called minions, and to deliver messages (configuration updates) to them. Typically, the Salt Master is not connected to the Internet, but roughly 6,000 instances were found exposed at the end of April.

Read More on Security Week

RELATED PUBLICATIONS

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector
Google Patches Exploited Pixel Vulnerabilities

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!