7.5
CVE-2026-56842
- EPSS 0.19%
- Veröffentlicht 02.07.2026 14:50:49
- Zuletzt bearbeitet 06.07.2026 19:27:30
- Quelle support@hackerone.com
- CVE-Watchlists
- Unerledigt
A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ui ≫ Unifi Network Application Version < 10.4.57
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.089 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| support@hackerone.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc