ByteOS Network

NVD Vulnerability Details :

CVE-2021-22943

Analyzed

Source-support@hackerone.com

Published At-31 Aug, 2021 | 17:15

Updated At-09 Sep, 2021 | 00:23

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.6	CRITICAL	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary	2.0	8.3	HIGH	AV:A/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Ubiquiti Inc.

>>unifi_protect>>Versions before 1.19.0(exclusive)

cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-287	Primary	nvd@nist.gov
CWE-287	Secondary	support@hackerone.com

References

Hyperlink	Source	Resource
https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f	support@hackerone.com	Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History