CVE-2019-0020

CRITICAL

Juniper Advanced Threat Prevention 5.0.0-5.0.2 - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Description

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10918

Scores

CVSS v3 10.0
EPSS 0.0041
EPSS Percentile 61.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (1)
juniper/advanced_threat_prevention 5.0.0 - 5.0.3
Published Jan 15, 2019
Tracked Since Feb 18, 2026