Critical Vulnerability in Data Centre Configuration Tool Gives “Full Remote Command Execution"

Discussion in 'other security issues & news' started by guest, Apr 30, 2020.

  1. guest

    guest Guest

    Critical Vulnerability in Data Centre Configuration Tool Gives “Full Remote Command Execution as Root"
    April 30, 2020
    https://www.cbronline.com/cybersecurity/threats/salt-vulnerability-f-secure/
     
    guest, Apr 30, 2020
    #1
  2. guest

    guest Guest

    Hackers breach LineageOS servers via unpatched vulnerability
    LineageOS source code, OS builds, and signing keys were unaffected, developers said
    May 3, 2020
    https://www.zdnet.com/article/hackers-breach-lineageos-servers-via-unpatched-vulnerability/
     
    guest, May 3, 2020
    #2
  3. guest

    guest Guest

    Ghost blogging platform servers hacked and infected with crypto-miner
    ...same vulnerability that allowed hackers to breach LineageOS servers hours before
    May 3, 2020
    https://www.zdnet.com/article/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner/
     
    guest, May 3, 2020
    #3
  4. guest

    guest Guest

    one more victim (DigiCert)
    Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers
    May 4, 2020
    https://www.securityweek.com/recent...ploited-hack-lineageos-ghost-digicert-servers
     
    guest, May 4, 2020
    #4
  5. guest

    guest Guest

    Search provider Algolia discloses security incident due to Salt vulnerability
    Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra
    May 6, 2020
    https://www.zdnet.com/article/searc...-security-incident-due-to-salt-vulnerability/
     
    guest, May 6, 2020
    #5
  6. guest

    guest Guest

    VMware to Patch Recent Salt Vulnerabilities in vROps
    May 11, 2020
    https://www.securityweek.com/vmware-patch-recent-salt-vulnerabilities-vrops
     
    guest, May 11, 2020
    #6
  7. guest

    guest Guest

    Cisco discloses security breach that impacted VIRL-PE infrastructure
    Hackers used vulnerabilities in the SaltStack data center software to breach six Cisco servers
    May 28, 2020
    https://www.zdnet.com/article/cisco-discloses-security-breach-that-impacted-virl-pe-infrastructure/
     
    guest, May 28, 2020
    #7
  8. guest

    guest Guest

    Cisco Announces Patches to SaltStack
    May 29, 2020
    https://www.darkreading.com/vulnera...announces-patches-to-saltstack/d/d-id/1337954
    Cisco Releases Security Updates for CML and VIRL-PE
     
    guest, May 31, 2020
    #8
  9. guest

    guest Guest

    SaltStack reveals new critical vulnerabilities, patch now
    November 3, 2020
    https://www.bleepingcomputer.com/ne...veals-new-critical-vulnerabilities-patch-now/
     
    guest, Nov 3, 2020
    #9
  10. guest

    guest Guest

    Detailing SaltStack Salt Command Injection Vulnerabilities
    November 24, 2020
    https://www.zerodayinitiative.com/b...tstack-salt-command-injection-vulnerabilities
     
    guest, Nov 25, 2020
    #10
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...