Cisco recently patched vulnerabilities in the SaltStack framework used by its products after Salt master servers were compromised. The pair of vulnerabilities, CVE-2020-11651 and CVE-2020-11652, were discovered and patched by the Salt community, which found some 6,000 Salt masters globally that were affected. The vulnerabilities have been given a Common Vulnerability Scoring System (CVSS) score of 10, indicating that they are critical.
The vulnerabilities could allow a remote user to run arbitrary commands and to access methods or directory paths for which they are not authorized. This is possible because the affected software versions do not properly authorize certain users and do not sanitize particular commands.
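The two defect classes named above, a method reachable without authorization and a path argument used without sanitization, can be shown side by side in a small request handler. The following is an added example written for this page; it is not Salt's code and does not reproduce Salt's internals. The method names, the token value, and the root directory `/srv/salt` are constructed assumptions. The hardened handler first checks that the caller holds a valid token for a privileged method, then requires that the requested path normalizes to a location inside the allowed root.

```python
import os
import secrets
from typing import Callable, Optional

# Constructed sample values for the demonstration (assumptions, not Salt's real
# layout, method names or token format).
ALLOWED_ROOT = "/srv/salt"
VALID_TOKEN = "tok-" + "a" * 32          # token issued to an authenticated client
PUBLIC_METHODS = {"ping"}               # callable without a token
PRIVILEGED_METHODS = {"read_file"}      # must require a valid token


def path_is_confined(root: str, user_path: str) -> bool:
    """Return True only if root/user_path normalizes to a location inside root.

    os.path.normpath collapses '..' segments; os.path.join discards the root when
    user_path is absolute, so commonpath catches both traversal styles.
    """
    root_abs = os.path.abspath(root)
    candidate = os.path.normpath(os.path.join(root_abs, user_path))
    return os.path.commonpath([root_abs, candidate]) == root_abs


def unsafe_handle(method: str, token: Optional[str], path: str = "") -> str:
    """Vulnerable pattern: the method is never authorized and the path is
    joined as supplied, so '../' segments walk outside the allowed root."""
    if method == "read_file":
        return "READ " + os.path.join(ALLOWED_ROOT, path)
    return "PONG"


def hardened_handle(method: str, token: Optional[str], path: str = "") -> str:
    """Hardened pattern: authorize the method first, then confine the path."""
    if method not in PUBLIC_METHODS | PRIVILEGED_METHODS:
        raise PermissionError(f"unknown method {method!r}")
    if method in PRIVILEGED_METHODS:
        # Constant-time comparison avoids leaking the token through timing.
        if token is None or not secrets.compare_digest(token, VALID_TOKEN):
            raise PermissionError(f"method {method!r} requires a valid token")
    if method == "read_file":
        if not path_is_confined(ALLOWED_ROOT, path):
            raise PermissionError(f"path {path!r} escapes {ALLOWED_ROOT}")
        return "READ " + os.path.normpath(os.path.join(ALLOWED_ROOT, path))
    return "PONG"


def rejected(handler: Callable[..., str], *args: object) -> bool:
    """True if the handler refuses the request with PermissionError."""
    try:
        handler(*args)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    # Constructed requests: one legitimate read, one traversal attempt.
    for args in (("read_file", VALID_TOKEN, "top.sls"),
                 ("read_file", None, "../../etc/passwd")):
        print("unsafe   :", unsafe_handle(*args))
        print("hardened :", "rejected" if rejected(hardened_handle, *args)
              else hardened_handle(*args))
```

The confinement check is deliberately done on the normalized string rather than by looking for `..` substrings, because a string filter misses absolute paths and encoded variants; the ordering (authorize, then validate arguments) is what the hardened handler adds over the vulnerable one.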
Cisco Modeling Labs Corporate Edition (CML) and Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE) incorporate a version of SaltStack that runs the Salt master service affected by these vulnerabilities.
Salt is open source software for automating networking and security functions based on events and specific configurations. SaltStack is an implementation of Salt. Written in Python, Salt is widely used in network administration and security.
Cisco and the Salt community recommend that users update their software immediately and harden their Salt environments.