HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2020-27888

CVSS 7.5v3.1pub. 2020-10-27upd. 2024-11-21

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Ui Unifi Controller

    HW
    Ui
    wszystkie wersje
  • Ui Unifi Controller Firmware

    OS
    Ui
    6.0.28
  • Ui Unifi Meshing Access Point

    HW
    Ui
    wszystkie wersje
  • Ui Unifi Meshing Access Point Firmware

    OS
    Ui
    4.3.21.11325
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-12695HIGH7.5ten sam produkt

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subs...

CVE-2014-2225HIGH8.8ten sam produkt

Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 ...

CVE-2019-5456HIGH8.1ten sam produkt

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= ...

CVE-2013-3572MEDIUM6.1ten sam produkt

Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Netwo...

CVE-2014-2226LOW2.6ten sam produkt

Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows ...

CVE-2020-27888 β€” Ui β€” Unifi Controller β€” HIGH β€” CVSS 7.5 | CVEbaza.pl