exploitDog

CVE-2024-45205

Опубликовано: 04 дек. 2024

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point.

Affected Products: UniFi iOS App (Version 10.17.7 and earlier)

Mitigation: UniFi iOS App (Version 10.18.0 or later).

Ссылки

https://community.ui.com/releases/UniFi-iOS-10-18-0/42f02428-544c-4626-b5b3-5ae40308edc7

EPSS

Процентиль: 23%

0.00075

Низкий

7.1 High

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-gj29-j7qg-vpf7

CVSS3: 7.1

github

около 1 года назад

An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. Affected Products: UniFi iOS App (Version 10.17.7 and earlier) Mitigation: UniFi iOS App (Version 10.18.0 or later).

EPSS

Процентиль: 23%

0.00075

Низкий

7.1 High

CVSS3

Дефекты

CWE-295