Information Disclosure: API and Device Keys Logged in Readable File on Juniper ATP
CVE-2019-0004 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
Learn more about our Cis Benchmark Audit For Juniper.