Company
Date Published
Author
Julien Lemoine
Word count
856
Language
English
Hacker News points
None

Summary

Attackers exploited two vulnerabilities in the Salt configuration management tool, CVE-2020-11651 and CVE-2020-11652, to gain unauthorized access to a large-scale organization's infrastructure. The attack, which occurred on May 3rd, 2020, propagated malware commands to hundreds of servers in the organization's European clusters, causing significant downtime for customers. Fortunately, no sensitive data was breached; the access was used solely for cryptocurrency mining. The incident highlights the importance of securing configuration management and the need for robust security measures to prevent similar attacks in the future. The organization has taken steps to improve its setup and infrastructure, including implementing a temporary fix and reworking the system sooner than planned.