CVE-2017-10616

MEDIUM Year: 2017
CVSS v3 Score
5.3
Medium
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and have a combined CVSSv3 score of 5.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N).

Related Vulnerabilities

CVE-2013-1603

MEDIUM
CVSS:5.3(Medium)

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-523...

CWE-7982013

CVE-2017-12709

MEDIUM
CVSS:5.3(Medium)

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, ...

CWE-7982017

CVE-2017-2720

MEDIUM
CVSS:5.3(Medium)

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increas...

CWE-7982017

CVE-2018-0329

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote att...

CWE-7982018

CVE-2019-18831

MEDIUM
CVSS:5.3(Medium)

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

CWE-7982019

CVE-2020-15326

MEDIUM
CVSS:5.3(Medium)

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.

CWE-7982020