HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2017-0938

CVSS 7.5v3.1pub. 2019-02-12upd. 2024-11-21

Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Ui Airmax Ac

    HW
    Ui
    wszystkie wersje
  • Ui Airos

    OS
    Ui
    < 6.0.76.0.7 – 8.3.2 (bez)
  • Ui Edgemax

    HW
    Ui
    wszystkie wersje
  • Ui Edgemax Firmware

    OS
    Ui
    < 1.9.7
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2010-5330CRITICAL9.8⚠ KEVten sam produkt

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) beca...

CVE-2020-8234CRITICAL9.8ten sam produkt

A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SI...

CVE-2020-8171CRITICAL9.8ten sam produkt

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vuln...

CVE-2015-9266CRITICAL9.8ten sam produkt

The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch)...

CVE-2020-8168HIGH8.8ten sam produkt

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vuln...