exploitDog

CVE-2025-23091

Опубликовано: 01 фев. 2025

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.

Ссылки

https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf

EPSS

Процентиль: 14%

0.00045

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-j57h-g9hv-4p44

CVSS3: 5.9

github

около 1 года назад

An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.

EPSS

Процентиль: 14%

0.00045

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-295