Improper Check for Certificate Revocation

CVE-2020-1675

High

8.3/10

Summary

When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

CWE-299 - Improper Check for Certificate Revocation

The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.

References

Advisory Timeline

Published Oct 16, 2020

Improper Check for Certificate Revocation

CVE-2020-1675

Summary

CWE-299 - Improper Check for Certificate Revocation

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS