A new critical Cisco vulnerability has been identified that concerns you: For those unfamiliar, Cisco recently announced that some of the Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE) support servers have been compromised by exploiting critical SaltStack vulnerabilities that were fixed last month.
"Cisco's infrastructure maintains the master-salt servers used with Cisco VIRL-PE," said a security adviser released earlier today. "These servers were upgraded on May 7, 2020."
“Cisco has found that Cisco salt-master servers maintained by Cisco VIRL-PE versions 1.2 and 1.3 are in risk. "
Six Cisco backend servers were breached
As described in detail by the company, the hackers could endanger six backend infrastructure servers: us-1.virl.info, us-2.virl.info, us-3.virl.info, us-4.virl.info, vsm -us-1.virl .info and vsm-us-2.virl.info.
The breached servers were updated and restored by Cisco on May 7, 2020, by applying code updates that address the vulnerability of authentication bypass (CVE-2020-11651) and the "directory traversal" (CVE-2020-11652) that affect SaltStack servers.