Information Disclosure: API and Device Keys Logged in Readable File on Juniper ATP

Information Disclosure: API and Device Keys Logged in Readable File on Juniper ATP

CVE-2019-0004 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.

Learn more about our Cis Benchmark Audit For Juniper.