Vulnerability Details CVE-2016-1280
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.4
References
Products affected by CVE-2016-1280
-
cpe:2.3:o:juniper:junos:12.1x44
-
cpe:2.3:o:juniper:junos:12.1x46
-
cpe:2.3:o:juniper:junos:12.1x47
-
cpe:2.3:o:juniper:junos:12.3
-
cpe:2.3:o:juniper:junos:12.3x48
-
cpe:2.3:o:juniper:junos:12.3x50
-
cpe:2.3:o:juniper:junos:13.3
-
cpe:2.3:o:juniper:junos:14.1
-
cpe:2.3:o:juniper:junos:14.1x53
-
cpe:2.3:o:juniper:junos:14.2
-
cpe:2.3:o:juniper:junos:15.1
-
cpe:2.3:o:juniper:junos:15.1x49
-
cpe:2.3:o:juniper:junos:15.1x53
-
cpe:2.3:o:juniper:junos:16.1