Описание
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Cassandra.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.0 (исключая)
cpe:2.3:a:juniper:contrail_service_orchestration:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00462
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Cassandra.
EPSS
Процентиль: 64%
0.00462
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798