Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities. The flaws exist in the open-source Salt management framework, which are used in Cisco network-tooling products.
Two Cisco products incorporate a version of SaltStack that is running the vulnerable salt-master service. The first is Cisco Modeling Labs Corporate Edition (CML), which gives users a virtual sandbox environment to design and configure network topologies. The second is Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE), used to design, configure and operate networks using versions of Cisco’s network operating systems.