PT-2020-14885 · Juniper Networks · Mist Cloud Ui

Published

2020-10-16

Updated

2021-10-19

CVE-2020-1677

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Juniper Networks Mist Cloud UI versions prior to September 2 2020

Description The issue arises when SAML authentication is enabled, and the Juniper Networks Mist Cloud UI incorrectly handles child elements in SAML responses. This allows a remote attacker to modify a valid SAML response without invalidating its cryptographic signature, thereby bypassing SAML authentication security controls.

Recommendations For versions prior to September 2 2020, update to a version released after September 2 2020 to resolve the issue. As a temporary workaround, consider disabling SAML authentication until a patch is available. Restrict access to the Mist Cloud UI to minimize the risk of exploitation.

Fix

Insufficient Verification of Data Authenticity

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345CWE-20

Related Identifiers

CVE-2020-1677

Affected Products

Mist Cloud Ui

PT-2020-14885 · Juniper Networks · Mist Cloud Ui

CVE-2020-1677

Weakness Enumeration

Related Identifiers

Affected Products

References · 3