CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0040

Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2018-0040

Juniper » Contrail Service Orchestration » Version: 1.0.0

cpe:2.3:a:juniper:contrail_service_orchestration:1.0.0
Juniper » Contrail Service Orchestration » Version: 1.5.0

cpe:2.3:a:juniper:contrail_service_orchestration:1.5.0
Juniper » Contrail Service Orchestration » Version: 2.0.0

cpe:2.3:a:juniper:contrail_service_orchestration:2.0.0
Juniper » Contrail Service Orchestration » Version: 2.1.0

cpe:2.3:a:juniper:contrail_service_orchestration:2.1.0
Juniper » Contrail Service Orchestration » Version: 2.1.1

cpe:2.3:a:juniper:contrail_service_orchestration:2.1.1
Juniper » Contrail Service Orchestration » Version: 3.0.0

cpe:2.3:a:juniper:contrail_service_orchestration:3.0.0
Juniper » Contrail Service Orchestration » Version: 3.0.1

cpe:2.3:a:juniper:contrail_service_orchestration:3.0.1
Juniper » Contrail Service Orchestration » Version: 3.1.0

cpe:2.3:a:juniper:contrail_service_orchestration:3.1.0
Juniper » Contrail Service Orchestration » Version: 3.2.0

cpe:2.3:a:juniper:contrail_service_orchestration:3.2.0
Juniper » Contrail Service Orchestration » Version: 3.3.0

cpe:2.3:a:juniper:contrail_service_orchestration:3.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0040

Products

Pricing

Contact Us