Dead Code

CVE-2018-0039

Medium

6.5/10

Summary

Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafana or exploit other weaknesses or vulnerabilities in Grafana.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-561 - Dead Code

The software contains dead code, which can never be executed.

References

Advisory Timeline

Published Jul 11, 2018

Dead Code

CVE-2018-0039

Summary

CWE-561 - Dead Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS