MyCyber.in

Cyber edu for all

CVE

Cisco SaltStack FrameWork: CVE-2020-11652

BySiddhant Pathak

May 29, 2020 , , ,

Risk:  Directory Traversal Vulnerability.

vulnerable parties: Companies using Cisco products with the vulnerable software release:

  • Cisco Modeling Labs Corporate Edition(CML)
  • Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE)

Flaw Description: An unauthorized user can access the server contents traversing the directories not permitted. it can result in damaging data, wiping of data and more.

Recommendations: Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license.

Products vulnerable: The following servers were compromised:

  • us-1.virl.info
  • us-2.virl.info
  • us-3.virl.info
  • us-4.virl.info
  • vsm-us-1.virl.info
  • vsm-us-2.virl.info

Documentation: Documentation can be found here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG

JBS, the world’s meat producer shelled out $11 million dollars in ransom to hackers.
What happened? JBS USA [part of J.B.S S.A group] confirmed that the …
CoWin Website hacked and 150 million registered user database stolen.
What Happened? A recent claim has been made on the dark web …
Bizongo, mumbai based Indian Supply chain suffered data breach.
What happened? Bizongo, India's mumbai based supply chain giant was recently discovered …
Upstox, India’s 2nd largest stockbroker hit by cyberattack.
What happened? According to the reports, Upstox, a stockbroker in India has …

By Siddhant Pathak

Cyber security architect, 7+ years experience in cyber security industry, Tech savy, Nature lover, Bullet 350 rider

Related Post

CVE

Firefox CVE’s vulnerability list.

Jun 4, 2020 Siddhant Pathak
CVE

Do you Use Apple Watch? Then you might be vulnerable due to this vulnerability.

May 30, 2020 Siddhant Pathak
CVE

Cisco Servers compromised by hackers Via SaltStack Flaws

May 29, 2020 Siddhant Pathak

Have some thoughts? why not share with us here.

Check these too

Security Update

JBS, the world’s meat producer shelled out $11 million dollars in ransom to hackers.

Jun 11, 2021
Awareness India Security Update

CoWin Website hacked and 150 million registered user database stolen.

Jun 11, 2021
India Security Update

Bizongo, mumbai based Indian Supply chain suffered data breach.

Apr 15, 2021
India Security Update

Upstox, India’s 2nd largest stockbroker hit by cyberattack.

Apr 14, 2021
Hey we spotted an adblocker on your browser

Hello, Welcome to Stormbreaker.
We are happy that you opened our website but please disable the adblocker to view further.
Ads are a way this page is generating revenue and making this awesome site and people behind it working. 
Thank you in advanced.
Team Stormbreaker.