Lucene search

K
cve[email protected]CVE-2016-1280
HistorySep 09, 2016 - 2:05 p.m.

CVE-2016-1280

2016-09-0914:05:06
CWE-297
web.nvd.nist.gov
19
cve
juniper
junos os
pki
security
vulnerability
certificate validation
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.4 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

68.1%

PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.

Affected configurations

NVD
Node
juniperjunosRange12.1x44d50
OR
juniperjunosMatch12.1x46
OR
juniperjunosMatch12.1x46d10
OR
juniperjunosMatch12.1x46d15
OR
juniperjunosMatch12.1x46d20
OR
juniperjunosMatch12.1x46d25
OR
juniperjunosMatch12.1x46d30
OR
juniperjunosMatch12.1x46d35
OR
juniperjunosMatch12.1x47
OR
juniperjunosMatch12.1x47d10
OR
juniperjunosMatch12.1x47d15
OR
juniperjunosMatch12.1x47d20
OR
juniperjunosMatch12.1x47d25
OR
juniperjunosMatch12.3
OR
juniperjunosMatch12.3r1
OR
juniperjunosMatch12.3r10
OR
juniperjunosMatch12.3r11
OR
juniperjunosMatch12.3r2
OR
juniperjunosMatch12.3r3
OR
juniperjunosMatch12.3r4
OR
juniperjunosMatch12.3r5
OR
juniperjunosMatch12.3r6
OR
juniperjunosMatch12.3r7
OR
juniperjunosMatch12.3r8
OR
juniperjunosMatch12.3r9
OR
juniperjunosMatch12.3x48d10
OR
juniperjunosMatch12.3x48d15
OR
juniperjunosMatch12.3x50
OR
juniperjunosMatch13.3
OR
juniperjunosMatch13.3r1
OR
juniperjunosMatch13.3r2
OR
juniperjunosMatch13.3r2-s2
OR
juniperjunosMatch13.3r3
OR
juniperjunosMatch13.3r4
OR
juniperjunosMatch13.3r5
OR
juniperjunosMatch13.3r6
OR
juniperjunosMatch13.3r7
OR
juniperjunosMatch13.3r8
OR
juniperjunosMatch13.3r9
OR
juniperjunosMatch14.1
OR
juniperjunosMatch14.1r1
OR
juniperjunosMatch14.1r2
OR
juniperjunosMatch14.1r3
OR
juniperjunosMatch14.1r4
OR
juniperjunosMatch14.1r5
OR
juniperjunosMatch14.1r6
OR
juniperjunosMatch14.1r7
OR
juniperjunosMatch14.1x53d10
OR
juniperjunosMatch14.1x53d15
OR
juniperjunosMatch14.1x53d16
OR
juniperjunosMatch14.1x53d25
OR
juniperjunosMatch14.1x53d26
OR
juniperjunosMatch14.1x53d27
OR
juniperjunosMatch14.1x53d30
OR
juniperjunosMatch14.1x53d35
OR
juniperjunosMatch14.2
OR
juniperjunosMatch14.2r1
OR
juniperjunosMatch14.2r2
OR
juniperjunosMatch14.2r3
OR
juniperjunosMatch14.2r4
OR
juniperjunosMatch14.2r5
OR
juniperjunosMatch14.2r6
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1x49d10
OR
juniperjunosMatch15.1x53d10
OR
juniperjunosMatch15.1x53d20
OR
juniperjunosMatch15.1x53d21
OR
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d32
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d34
OR
juniperjunosMatch16.1

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.4 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

68.1%