CVE-2018-0042 β€” Log File Information Exposure in Juniper Contrail Service Orchestration

CWE-532 β€” Log File Information Exposure5 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.3%
top 45.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Contrail Service Orchestration
Timeline
PublishedJul 11
Latest updateMay 13

Description

Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-r658-8hfr-mhc6: Juniper Networks CSO versions prior to 4β†—2022-05-13
β–Ά
CVEList
CVE-2018-0042: Juniper Networks CSO versions prior to 4β†—2018-07-11
β–Ά

πŸ’₯Exploits & PoCs

1
Exploit-DB
Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion↗2018-08-17
β–Ά

πŸ“‹Vendor Advisories

1
Juniper
CVE-2018-0042: Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.β†—2018-07-11
β–Ά
CVE-2018-0042 β€” Log File Information Exposure | cvebase