CVE-2021-0212 – Contrail Networking: Administrator credentials are exposed in a plaintext file

https://notcve.org/view.php?id=CVE-2021-0212

An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally authenticated attacker able to read files to retrieve administrator credentials stored in plaintext thereby elevating their privileges over the system. This issue affects: Juniper Networks Contrail Networking versions prior to 1911.31. Una vulnerabilidad de Exposición de Información en Juniper Networks Contrail Networking, permite a un atacante autenticado localmente sea capaz de leer archivos para recuperar las credenciales de administrador almacenadas en texto plano, elevando así sus privilegios sobre el sistema. Este problema afecta: Juniper Networks Contrail Networking versiones anteriores a 1911.31 • https://kb.juniper.net/JSA11102 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •