Clear Text Logging of Secret Passphrases in Juniper ATP 5.0 Versions Prior to 5.0.4

Clear Text Logging of Secret Passphrases in Juniper ATP 5.0 Versions Prior to 5.0.4

CVE-2019-0021 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4.

Learn more about our Cis Benchmark Audit For Juniper.