CVE-2019-0021
published 2019-01-15CVE-2019-0021: On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to…
medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | advanced_threat_prevention | >= 5.0.0 < 5.0.4 | 5.0.4 |
| juniper_networks | juniper_atp | >= 5.0 < 5.0.4 | 5.0.4 |