Описание
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.0 (исключая)
cpe:2.3:a:juniper:contrail_service_orchestration:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00162
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-321
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services.
EPSS
Процентиль: 37%
0.00162
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-321
CWE-798