CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the control interface of Juniper Networks’ Contrail Service Orchestration allows a attacker to enhance their privileges and gain full control over the application.

The vulnerability of the Juniper Networks Contrail Service Orchestration software platform is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and gain full control over the application...

7.3CVSS7.2AI score0.00225EPSS

Exploits0References3

The Hacker News•added 2022/07/18 5:2 a.m.•153 views

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to...

7.7CVSS0.5AI score0.52838EPSS

Exploits10

BDU FSTEC•added 2022/04/27 12:0 a.m.•5 views

The vulnerability of the Juniper Networks Contrail Service Orchestration software lies in a failure of the protection mechanism in the REST API, which allows an attacker to disclose protected information.

The vulnerability of the Juniper Networks Contrail Service Orchestration software is related to a failure in the protection mechanism of the REST API. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

7.7CVSS6.5AI score0.0078EPSS

Exploits0References3Affected Software1

OSV•added 2022/04/14 4:15 p.m.•2 views

CVE-2022-22189

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...

7.8CVSS7.1AI score0.00225EPSS

Exploits0References1

NVD•added 2022/04/14 4:15 p.m.•19 views

CVE-2022-22189

7.8CVSS0.00225EPSS

Exploits0References1

Prion•added 2022/04/14 4:15 p.m.•20 views

Design/Logic Flaw

7.2CVSS7.5AI score0.00225EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/04/14 3:50 p.m.•23 views

CVE-2022-22189 Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication

7.3CVSS7.8AI score0.00225EPSS

Exploits0References1

CVE•added 2022/04/14 3:50 p.m.•89 views

CVE-2022-22189

CVE-2022-22189 (Contrail Service Orchestration) : An Incorrect Ownership Assignment vulnerability affects Juniper Networks CSO 6.0.0 on on‑prem installations, prior to 6.0.0 Patch v3. A locally authenticated user can elevate permissions and take control of the local system they are authenticated ...

7.8CVSS7.3AI score0.00225EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/04/14 12:0 a.m.•2 views

Juniper Networks Contrail Service Orchestration 安全漏洞

Juniper Networks Contrail Service Orchestration is a powerful software platform from Juniper Networks, Inc. for connecting many enterprise and multi-tenant service provider solutions. A security vulnerability exists in Juniper Networks Contrail Service Orchestration CSO versions prior to 6.0.0 th...

7.8CVSS7.4AI score0.00225EPSS

Exploits0References2

ATTACKERKB•added 2022/04/13 4:0 p.m.•6 views

CVE-2022-22189

7.8CVSS7.2AI score0.00225EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by