Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Juniper Networks Mist Cloud UI: SAML authentication attribute elements handling vulnerability.
Vulnerability Description
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper Networks Mist Cloud UI versions prior to September 2 2020.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Juniper Networks Mist Cloud 数据伪造问题漏洞
Vulnerability Description
Juniper Networks Mist Cloud是美国瞻博网络(Juniper Networks)公司的一个简化云管理并帮助用户防止供应商和复杂性锁定的平台。它为跨公有和私有云,Docker容器和KVM虚拟机管理程序的服务器提供成本和使用情况报告,RBAC,管理,供应,编排,监控和自动化。 Juniper Networks Mist Cloud UI 存在数据伪造问题漏洞,该漏洞源于当SAML身份验证被启用时可能会错误地处理SAML响应中的子元素,攻击者可利用该漏洞修改有效的SAML响应,而不会使其
CVSS Information
N/A
Vulnerability Type
N/A