VYPR

Contrail

by Juniper Networks

CVEs (3)

  • CVE-2017-10616MedOct 13, 2017
    risk 0.35cvss 5.3epss 0.01

    The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be…

  • CVE-2017-10617MedOct 13, 2017
    risk 0.33cvss 5.0epss 0.02

    The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Affected releases are Juniper Networks Contrail 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2…

  • CVE-2021-0279Jul 15, 2021
    risk 0.00cvss epss 0.01

    Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to…