Описание
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Уязвимые конфигурации
Конфигурация 1Версия до 1.13.3 (включая)
cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.0039
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209
CWE-209
Связанные уязвимости
github
больше 3 лет назад
An information exposure vulnerability exists in UniFi Protect v1.13.3 and prior that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
EPSS
Процентиль: 60%
0.0039
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209
CWE-209