HIGH🇬🇧 English

CVE-2019-16889

CVSS 7.5v3.1pub. 2019-09-25upd. 2024-11-21

Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Ui Ep R6

    HW
    Ui
    wszystkie wersje
  • Ui Ep R6 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Ep R8

    HW
    Ui
    wszystkie wersje
  • Ui Ep R8 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er 12

    HW
    Ui
    wszystkie wersje
  • Ui Er 12 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er 4

    HW
    Ui
    wszystkie wersje
  • Ui Er 4 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er 6p

    HW
    Ui
    wszystkie wersje
  • Ui Er 6p Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er 8

    HW
    Ui
    wszystkie wersje
  • Ui Er 8 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er 8 Xg

    HW
    Ui
    wszystkie wersje
  • Ui Er 8 Xg Firmware

    OS
    Ui
    < 2.0.3
  • Ui Erlite 3

    HW
    Ui
    wszystkie wersje
  • Ui Erlite 3 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Erpoe 5

    HW
    Ui
    wszystkie wersje
  • Ui Erpoe 5 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Erpro 8

    HW
    Ui
    wszystkie wersje
  • Ui Erpro 8 Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er X

    HW
    Ui
    wszystkie wersje
  • Ui Er X Firmware

    OS
    Ui
    < 2.0.3
  • Ui Er X Sfp

    HW
    Ui
    wszystkie wersje
  • Ui Er X Sfp Firmware

    OS
    Ui
    < 2.0.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoSContainer
CWE
Referencje

Powiązane podatności

CVE-2023-2379HIGH7.5ten sam produkt

A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affe...

CVE-2023-23912HIGH8.8ten sam produkt

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Ver...

CVE-2018-5265HIGH7.2ten sam produkt

Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin ...

CVE-2023-2375MEDIUM6.3ten sam produkt

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This issue...

CVE-2023-2376MEDIUM6.3ten sam produkt

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified as critical. A...