CVE-2021-22944

EPSS 0.15%
Published 31.08.2021 17:15:07
Last modified 21.11.2024 05:50:59
Source support@hackerone.com
Teams watchlist Login
Open Login

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Ui ≫ Unifi Protect Version < 1.19.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.15%	0.321

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.7	5.1	10	AV:A/AC:L/Au:S/C:C/I:C/A:C

https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22944

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22944

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22944

EUVD