Lucene search
K

5 matches found

Prion
Prion
added 2022/04/14 4:15 p.m.21 views

Design/Logic Flaw

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...

7.2CVSS7.5AI score0.00225EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/07/15 8:15 p.m.19 views

Hardcoded credentials

Juniper Networks Contrail Cloud CC releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative...

5.5CVSS5.5AI score0.00621EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/15 8:0 p.m.16 views

CVE-2021-0279 Contrail Cloud: Hardcoded credentials for RabbitMQ service

Juniper Networks Contrail Cloud CC releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative...

8.6CVSS8.7AI score0.00621EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/11 6:0 p.m.20 views

CVE-2018-0040 Contrail Service Orchestration: hardcoded cryptographic certificates and keys

Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services...

9.8CVSS9.5AI score0.01434EPSS
Exploits0References1
NVD
NVD
added 2017/10/13 5:29 p.m.30 views

CVE-2017-10616

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and ha...

6.4CVSS5AI score0.013EPSS
Exploits1References2
Rows per page
Query Builder