CVE-2019-0020

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.
References
Link Resource
https://kb.juniper.net/JSA10918 Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:juniper:advanced_threat_prevention:*:*:*:*:*:*:*:*
OR cpe:2.3:h:juniper:atp700:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:atp400:-:*:*:*:*:*:*:*

Information

Published : 2019-01-15 13:29

Updated : 2019-10-09 16:43


NVD link : CVE-2019-0020

Mitre link : CVE-2019-0020


JSON object : View

CWE
CWE-798

Use of Hard-coded Credentials

Advertisement

dedicated server usa

Products Affected

juniper

  • atp400
  • atp700
  • advanced_threat_prevention