Risk:  Unauthorized User can bypass the authentication.

vulnerable parties: Companies using Cisco products with the vulnerable software release:

  • Cisco Modeling Labs Corporate Edition(CML)
  • Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE)

Flaw Description: An unauthorized user can access the server contents by bypassing authentication. it can result in mass data breach and other things.

Recommendations: Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license.

Products vulnerable: The following servers were compromised:

  • us-1.virl.info
  • us-2.virl.info
  • us-3.virl.info
  • us-4.virl.info
  • vsm-us-1.virl.info
  • vsm-us-2.virl.info

Documentation: Documentation can be found here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG

JBS, the world’s meat producer shelled out $11 million dollars in ransom to hackers.
What happened? JBS USA [part of J.B.S S.A group] confirmed that the …
CoWin Website hacked and 150 million registered user database stolen.
What Happened? A recent claim has been made on the dark web …
Bizongo, mumbai based Indian Supply chain suffered data breach.
What happened? Bizongo, India's mumbai based supply chain giant was recently discovered …
Upstox, India’s 2nd largest stockbroker hit by cyberattack.
What happened? According to the reports, Upstox, a stockbroker in India has …
One thought on “Cisco: CVE-2020-11651 SaltStack FrameWork”

Leave a Reply to Cisco Servers compromised by hackers Via SaltStack Flaws Cancel reply

Hey we spotted an adblocker on your browser

Hello, Welcome to Stormbreaker.
We are happy that you opened our website but please disable the adblocker to view further.
Ads are a way this page is generating revenue and making this awesome site and people behind it working. 
Thank you in advanced.
Team Stormbreaker.