CVE-2019-0020

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0810%

EPSS Percentile0.78th

Published2019年1月15日

Last Modified2024年11月21日

Vulnerability Description

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3.

Affected Platforms (CPE)

💻

Juniper

Advanced Threat Prevention

>= 5.0.0 and < 5.0.3

References & Advisories

🔗 https://kb.juniper.net/JSA10918

関連する脆弱性情報

CVE-2016-63688.6

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System S...

CVE-2017-122448.6

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated...

CVE-2018-154375.5

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints runnin...

CVE-2020-16165.3

Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juni...