Описание
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. These credentials allow network based attackers unauthorized access to information stored in keystone.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.0 (исключая)
cpe:2.3:a:juniper:contrail_service_orchestration:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00462
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. These credentials allow network based attackers unauthorized access to information stored in keystone.
EPSS
Процентиль: 64%
0.00462
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-798
CWE-798