5 matches found
CVE-2022-22190
CVE-2022-22190 describes an information-disclosure vulnerability in Juniper Networks Paragon Active Assurance Control Center v3.1.0. An unauthenticated attacker can craft a URL to generate PDF reports that may reveal sensitive configuration data, by exploiting a feature that shares account data v...
CVE-2024-30381
CVE-2024-30381 affects Juniper Networks Paragon Active Assurance Control Center (versions 4.1.0–4.2.0). The netrounds-probe-login (probe_serviced) daemon exposes functions that let a Test Agent Appliance push interface state/config and unregister, inadvertently revealing an internal database obje...
CVE-2021-0232
The CVE-2021-0232 affecting Juniper Networks Paragon Active Assurance Control Center is an authentication bypass vulnerability. An attacker with deployment-specific information could mimic an already registered Test Agent and access its configuration and related inventory details, potentially lea...
CVE-2022-22229
CVE-2022-22229 is a stored XSS vulnerability in Juniper Networks Paragon Active Assurance (Netrounds) Control Center Controller web pages. The issue arises from improper neutralization of input during web page generation, allowing a high-privilege attacker with WRITE permissions to inject scripts...
CVE-2024-21589
The CVE affects Juniper Networks Paragon Active Assurance Control Center. It is an Improper Access Control vulnerability that allows an unauthenticated network-based attacker to access reports (potentially exposing sensitive configuration data). Affected versions are 3.1.0, 3.2.0, 3.2.2, 3.3.0, 3...