First published: Tue Jan 15 2019(Updated: )
Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper Advanced Threat Prevention | >=5.0.0<5.0.3 | |
Juniper Atp400 | ||
Juniper Atp700 |
The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases. It is suggested to change the Splunk credentials after the upgrade to the fixed version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.