Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Juniper Networks Mist Cloud UI: SAML authentication response handling vulnerability.
Vulnerability Description
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Juniper Networks Mist Cloud 输入验证错误漏洞
Vulnerability Description
Juniper Networks Mist Cloud是美国瞻博网络(Juniper Networks)公司的一个简化云管理并帮助用户防止供应商和复杂性锁定的平台。它为跨公有和私有云,Docker容器和KVM虚拟机管理程序的服务器提供成本和使用情况报告,RBAC,管理,供应,编排,监控和自动化。 Juniper Networks Mist Cloud UI 存在安全漏洞,该漏洞源于当SAML身份验证被启用时可能会错误地处理SAML响应,攻击者可利用该漏洞修改有效的SAML响应,而不会使其加密签名失效,从而
CVSS Information
N/A
Vulnerability Type
N/A