Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper advanced threat prevention vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-0020
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions before 5.0.3.
Juniper Advanced Threat Prevention
9.8
CVSSv3
CVE-2019-0022
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions before 5.0.3.
Juniper Advanced Threat Prevention
7.8
CVSSv3
CVE-2019-0029
Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions before 5.0.3.
Juniper Advanced Threat Prevention
7.5
CVSSv3
CVE-2023-36843
An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based malicious user to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a ...
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
Juniper Junos
Juniper Junos 22.4
7.2
CVSSv3
CVE-2019-0030
Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions before 5.0.3.
Juniper Advanced Threat Prevention Firmware
5.5
CVSSv3
CVE-2019-0021
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions before 5.0.4.
Juniper Advanced Threat Prevention
5.5
CVSSv3
CVE-2019-0004
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions before 5.0.3.
Juniper Advanced Threat Prevention
5.4
CVSSv3
CVE-2019-0023
A persistent cross-site scripting (XSS) vulnerability in the Golden VM menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perf...
Juniper Advanced Threat Prevention
5.4
CVSSv3
CVE-2019-0026
A persistent cross-site scripting (XSS) vulnerability in the Zone configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to ...
Juniper Advanced Threat Prevention
5.4
CVSSv3
CVE-2019-0027
A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative u...
Juniper Advanced Threat Prevention
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »