Vulnerability in Juniper Networks Contrail Service Orchestration
CVE-2018-0039
Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafan…
EPSS: 0.002 (48.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.
Affected products
- Juniper Networks Contrail Service Orchestration — versions unspecified
Weakness classification (CWE)
References
- kb.juniper.net/JSA10872 (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2018-0039?
- CVE-2018-0039 is a medium-severity vulnerability in Juniper Networks Contrail Service Orchestration, classified under Use of Hard-coded Credentials. CVSS score: 6.5/10. Published 2018-07-11.
- How severe is CVE-2018-0039?
- Medium severity. CVSS v3 base score is 6.5 out of 10.