CVE-2021-22944

EPSS 0.15%
Veröffentlicht 31.08.2021 17:15:07
Zuletzt bearbeitet 21.11.2024 05:50:59
Quelle support@hackerone.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ui ≫ Unifi Protect Version < 1.19.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.321

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.7	5.1	10	AV:A/AC:L/Au:S/C:C/I:C/A:C

https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22944

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22944

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22944

EUVD