VYPR

Paragon Active Assurance

by Juniper Networks

CVEs (6)

  • CVE-2024-30381Apr 12, 2024
    risk 0.00cvss epss 0.00

    An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks Paragon Active Assurance Control Center allows a network-adjacent attacker with root access to a Test Agent Appliance the ability to access sensitive information about downstream…

  • CVE-2024-21589Jan 12, 2024
    risk 0.00cvss epss 0.00

    An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated network-based attacker to access reports without authenticating, potentially containing sensitive configuration information. A feature was…

  • CVE-2023-28971Apr 17, 2023
    risk 0.00cvss epss 0.00

    An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the timescaledb feature of Juniper Networks Paragon Active Assurance (PAA) (Formerly Netrounds) allows an attacker to bypass existing firewall rules and limitations used to restrict internal…

  • CVE-2022-22229Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability, a stored XSS (or persistent), in the Control Center Controller web pages of Juniper Networks Paragon Active Assurance (Formerly Netrounds) allows a high-privilege attacker with…

  • CVE-2022-22190Apr 14, 2022
    risk 0.00cvss epss 0.01

    An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports, potentially containing sensitive configuration information. A feature was introduced in…

  • CVE-2021-0232Apr 22, 2021
    risk 0.00cvss epss 0.01

    An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory…