Vulnerabilities > Juniper > Contrail Service Orchestration > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-0038 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. | 9.8 |
| 2018-07-11 | CVE-2018-0039 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. | 9.8 |
| 2018-07-11 | CVE-2018-0040 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services. | 9.8 |
| 2018-07-11 | CVE-2018-0041 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. | 9.8 |
| 2018-07-11 | CVE-2018-0042 | Information Exposure Through Log Files vulnerability in Juniper Contrail Service Orchestration Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability. | 9.8 |