CVE-2020-1676 - Vulnerability Details - OpenCVE

ReportizFlow

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Mist Cloud Ui

Configuration 1 [-]

cpe:2.3:a:juniper:mist_cloud_ui:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://kb.juniper.net/JSA11072

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2020-10-16T20:31:32.746Z

Updated: 2024-09-16T23:05:26.399Z

Reserved: 2019-11-04T00:00:00.000Z

Link: CVE-2020-1676

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-10-16T21:15:13.473

Modified: 2026-06-17T03:02:10.747

Link: CVE-2020-1676

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "MIST Cloud UI", "vendor": "Juniper Networks", "versions": [{"lessThan": "09/02/2020", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2020-10-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-16T20:31:32.000Z", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA11072"}], "solutions": [{"lang": "en", "value": "Mist Cloud UI has been updated on September 2 2020 to resolve this specific issue."}], "source": {"advisory": "JSA11072", "discovery": "INTERNAL"}, "title": "Juniper Networks Mist Cloud UI: SAML authentication response handling vulnerability.", "workarounds": [{"lang": "en", "value": "No workarounds are required since the issue has been resolved in the Mist cloud UI."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "DATE_PUBLIC": "2020-10-14T16:00:00.000Z", "ID": "CVE-2020-1676", "STATE": "PUBLIC", "TITLE": "Juniper Networks Mist Cloud UI: SAML authentication response handling vulnerability."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MIST Cloud UI", "version": {"version_data": [{"version_affected": "<", "version_value": "09/02/2020"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA11072", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11072"}]}, "solution": [{"lang": "en", "value": "Mist Cloud UI has been updated on September 2 2020 to resolve this specific issue."}], "source": {"advisory": "JSA11072", "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "No workarounds are required since the issue has been resolved in the Mist cloud UI."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:29.685Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA11072"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2020-1676", "datePublished": "2020-10-16T20:31:32.746Z", "dateReserved": "2019-11-04T00:00:00.000Z", "dateUpdated": "2024-09-16T23:05:26.399Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"affected": [{"affectedData": [{"product": "MIST Cloud UI", "vendor": "Juniper Networks", "versions": [{"lessThan": "09/02/2020", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "source": "[email protected]"}], "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juniper:mist_cloud_ui:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2A42305-039A-4AAC-8EEC-2D5421C42C8A", "versionEndExcluding": "2020-09-02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020."}, {"lang": "es", "value": "Cuando la autenticaci\u00f3n SAML est\u00e1 habilitada, Juniper Networks Mist Cloud UI puede manejar incorrectamente las respuestas SAML, permitiendo a un atacante remoto modificar una respuesta SAML v\u00e1lida sin invalidar su firma criptogr\u00e1fica para omitir los controles de seguridad de autenticaci\u00f3n SAML. Este problema afecta a todas las versiones de Juniper Networks Mist Cloud UI anteriores al 2 de septiembre de 2020"}], "id": "CVE-2020-1676", "lastModified": "2026-06-17T03:02:10.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-10-16T21:15:13.473", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA11072"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA11072"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}