CVE-2021-0212 MEDIUM

CVE-2021-0212: Contrail Networking: Administrator credentials are exposed in a plaintext file

Vendor Juniper Networks
Product Contrail Networking
Weakness CWE-200 · Info exposure
Published January 15, 2021
Last update September 16, 2024
View on NVD All CVEs

CVSS base score

5.0/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally authenticated attacker able to read files to retrieve administrator credentials stored in plaintext thereby elevating their privileges over the system. This issue affects: Juniper Networks Contrail Networking versions prior to 1911.31.

Key dates

02Disclosure timeline

January 15, 2021 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-8801 Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure CVE-2024-34382 WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.18 - Sensitive Data Exposure vulnerability CVE-2024-27277 IBM Storage Protect Plus Server information disclosure CVE-2022-40194 WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure vulnerability CVE-2025-30474 Apache Commons VFS: Failing to find an FTP file can reveal the URI's password in an error message