CVE-2020-1675
moderate-risk
Published 2020-10-16
When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020.
Do I need to act?
-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.3/10
High
NETWORK
/ LOW complexity
Affected Products (1)
Mist Cloud Ui
Affected Vendors
References (2)
Vendor Advisory
https://kb.juniper.net/JSA11072
Vendor Advisory
https://kb.juniper.net/JSA11072
34
/ 100
moderate-risk
Severity
29/34 · Critical
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal