Vulnerabilities > Juniper > Contrail Service Orchestration > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-14 | CVE-2022-22189 | Unspecified vulnerability in Juniper Contrail Service Orchestration 6.0.0 An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. | 7.2 |
2018-07-11 | CVE-2018-0041 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. | 7.5 |
2018-07-11 | CVE-2018-0039 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. | 7.5 |
2018-07-11 | CVE-2018-0038 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. | 7.5 |