Skip to main content

Contrail

2 CVEs product

Monthly

CVE-2017-10617 MEDIUM This Month

The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Juniper Contrail
NVD GitHub
CVSS 3.1
5.0
EPSS
2.3%
CVE-2017-10616 MEDIUM This Month

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Contrail
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
EPSS 2% CVSS 5.0
MEDIUM This Month

The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Juniper Contrail
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Contrail
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy