UniFi Protect before v1.17.1 allows an attacker to use spoofed cameras to perform a denial-of-service attack that may cause the UniFi Protect controller to crash.
References
Link | Resource |
---|---|
https://community.ui.com/releases/Security-advisory-bulletin-017-017/071141e5-bc2e-4b71-81f3-5e499316fcee | Vendor Advisory |
https://hackerone.com/reports/1008579 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
30 Aug 2022, 22:38
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
27 Feb 2021, 05:00
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-400 | |
CPE | cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:* cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:* cpe:2.3:a:ui:unifi_protect_controller:*:*:*:*:*:*:*:* cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:* |
|
References | (MISC) https://hackerone.com/reports/1008579 - Third Party Advisory | |
References | (MISC) https://community.ui.com/releases/Security-advisory-bulletin-017-017/071141e5-bc2e-4b71-81f3-5e499316fcee - Vendor Advisory |
23 Feb 2021, 19:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-23 19:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-22882
Mitre link : CVE-2021-22882
CVE.ORG link : CVE-2021-22882
JSON object : View
Products Affected
ui
- unifi_dream_machine_pro
- unifi_cloud_key_plus
- unifi_network_video_recorder
- unifi_protect_controller
CWE