CVE-2019-0004
published 2019-01-15CVE-2019-0004: On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | advanced_threat_prevention | >= 5.0.0 < 5.0.3 | 5.0.3 |
| juniper_networks | juniper_atp | >= 5.0 < 5.0.3 | 5.0.3 |