Vulnerability Description
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | <= 12.1x44 |
Related Weaknesses (CWE)
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755Vendor Advisory
- http://www.securityfocus.com/bid/91761
- http://www.securitytracker.com/id/1036303
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755Vendor Advisory
- http://www.securityfocus.com/bid/91761
- http://www.securitytracker.com/id/1036303
FAQ
What is CVE-2016-1280?
CVE-2016-1280 is a vulnerability with a CVSS score of 6.5 (MEDIUM). PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 b...
How severe is CVE-2016-1280?
CVE-2016-1280 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-1280?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos.