Contrail Networking: Administrator credentials are exposed in a plaintext file
CVE-2021-0212

5MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Contrail Networking
Vendor: CVE Published:; 15 January 2021

Badges

👾 Exploit Exists

Summary

An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally authenticated attacker able to read files to retrieve administrator credentials stored in plaintext thereby elevating their privileges over the system. This issue affects: Juniper Networks Contrail Networking versions prior to 1911.31.

Affected Version(s)

Contrail Networking < 1911.31

References

https://kb.juniper.net/JSA11102

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Jan 15, 2021
Vulnerability Reserved
Oct 27, 2020