What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass certificate validation mechanisms and provide arbitrary certificates that do not have proper signatures. According to the CVSS metric, the attack vector is network (AV:N), privilege required is low (PR:L) and user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability? A security feature bypass vulnerability exists when On-Prem Data Gateway does not perform certificate validation logic correctly and impacts the reliability of the backend infrastructure's workflow. An authenticated attacker with normal user privileges, via network connection or web request, could provide the workflow with an arbitrary untrusted certificate, with an arbitrary common name, which does not have proper signature.
Stav Nir