Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper contrail service orchestration vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-22152
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API, one tenant is able to obtain...
Juniper Contrail Service Orchestration 6.1.0
Juniper Contrail Service Orchestration
9.8
CVSSv3
CVE-2018-0038
Juniper Networks Contrail Service Orchestration releases before 3.3.0 have Cassandra service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Cassandra.
Juniper Contrail Service Orchestration
9.8
CVSSv3
CVE-2018-0040
Juniper Networks Contrail Service Orchestrator versions before 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based malicious users to gain unauthorized access to services.
Juniper Contrail Service Orchestration
9.8
CVSSv3
CVE-2018-0042
Juniper Networks CSO versions before 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.
Juniper Contrail Service Orchestration
9.8
CVSSv3
CVE-2018-0039
Juniper Networks Contrail Service Orchestration releases before 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafana or exploit other weaknesses or vulnerabil...
Juniper Contrail Service Orchestration
9.8
CVSSv3
CVE-2018-0041
Juniper Networks Contrail Service Orchestration releases before 3.3.0 use hardcoded credentials to access Keystone service. These credentials allow network based attackers unauthorized access to information stored in keystone.
Juniper Contrail Service Orchestration
7.8
CVSSv3
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. T...
Juniper Contrail Service Orchestration 6.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started