Search criteria
6 vulnerabilities found for unifi_protect_firmware by ui
FKIE_CVE-2020-8267
Vulnerability from fkie_nvd - Published: 2020-11-05 19:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ui | unifi_protect_firmware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BADEC43E-883C-4B11-9639-08102A8E3C0D",
"versionEndIncluding": "1.14.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using \u201cx-token\u201d improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un problema de seguridad en el controlador UniFi Protect versiones v1.14.10 y anteriores. La autenticaci\u00f3n en la API del controlador UniFi Protect estaba usando \"x-token\" inapropiadamente, permitiendo a atacantes usar la API para enviar mensajes autenticados sin un token v\u00e1lido. Esta vulnerabilidad fue corregida en UniFi Protect versiones v1.14.11 y m\u00e1s recientes. Este problema no afecta a UniFi Cloud Key Gen 2 plus. Este problema no afecta a los clientes de UDM-Pro con UniFi Protect detenido. Productos afectados: UDM-Pro versiones de firmware 1.7.2 y anteriores. UNVR versiones de firmware 1.3.12 y anteriores. Mitigaci\u00f3n: Actualice UniFi Protect a versi\u00f3n v1.14.11 o una versi\u00f3n m\u00e1s reciente;\u0026#xa0;El controlador UniFi Protect puede ser actualizado mediante la configuraci\u00f3n de su Sistema Operativo UniFi. Alternativamente, puede actualizar UNVR y UDM-Pro a: - UNVR hasta versiones de firmware 1.3.15 o m\u00e1s reciente - UDM-Pro hasta versiones de firmware 1.8.0 o m\u00e1s recientes"
}
],
"id": "CVE-2020-8267",
"lastModified": "2024-11-21T05:38:37.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-05T19:15:13.960",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
},
{
"source": "support@hackerone.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-8188
Vulnerability from fkie_nvd - Published: 2020-07-02 19:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ui | unifi_protect_firmware | * | |
| ui | unifi_protect | - | |
| ui | unifi_protect_firmware | * | |
| ui | unifi_cloud_key_plus | - | |
| ui | unifi_dream_machine_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B158F107-EA41-454E-BD5C-5349C8F5605B",
"versionEndIncluding": "1.13.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_protect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6676A008-0522-4585-A95D-3F42C69E9C40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C78A4B-2DBF-4774-B695-F1CC17D75255",
"versionEndIncluding": "1.14.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4ED829-08E6-4330-B105-DC01A3159C90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B493983E-8632-4492-9B0A-E8E11E0E0BB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges."
},
{
"lang": "es",
"value": "Recientemente hemos publicado una nueva versi\u00f3n del firmware UniFi Protect versi\u00f3n v1.13.3 y v1.14.10 para Unifi Cloud Key Gen2 Plus y UniFi Dream Machine Pro/UNVR respectivamente, que corrige las vulnerabilidades encontradas en el firmware Protect versiones v1.13.2, v1.14.9 y anteriores, de acuerdo con la siguiente descripci\u00f3n: Visualiza solo usuarios que pueden ejecutar determinados comandos personalizados que les permiten asignarse a si mismos roles no autorizados y escalar sus privilegios"
}
],
"id": "CVE-2020-8188",
"lastModified": "2024-11-21T05:38:27.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-02T19:15:12.823",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"source": "support@hackerone.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"source": "support@hackerone.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-8267 (GCVE-0-2020-8267)
Vulnerability from cvelistv5 – Published: 2020-11-05 18:28 – Updated: 2024-08-04 09:56
VLAI?
Summary
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer.
Severity ?
No CVSS data available.
CWE
- CWE-287 - Improper Authentication - Generic (CWE-287)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect |
Affected:
UniFi Protect v1.14.10 and earlier not fixed
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "UniFi Protect v1.14.10 and earlier not fixed"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using \u201cx-token\u201d improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T18:28:34",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect",
"version": {
"version_data": [
{
"version_value": "UniFi Protect v1.14.10 and earlier not fixed"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using \u201cx-token\u201d improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"name": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8267",
"datePublished": "2020-11-05T18:28:34",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8188 (GCVE-0-2020-8188)
Vulnerability from cvelistv5 – Published: 2020-07-02 18:35 – Updated: 2024-08-04 09:56
VLAI?
Summary
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.
Severity ?
No CVSS data available.
CWE
- CWE-77 - Command Injection - Generic (CWE-77)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR |
Affected:
Fixed in versions: v1.13.3 and v1.14.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions: v1.13.3 and v1.14.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection - Generic (CWE-77)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-02T18:35:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR",
"version": {
"version_data": [
{
"version_value": "Fixed in versions: v1.13.3 and v1.14.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection - Generic (CWE-77)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8188",
"datePublished": "2020-07-02T18:35:14",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8267 (GCVE-0-2020-8267)
Vulnerability from nvd – Published: 2020-11-05 18:28 – Updated: 2024-08-04 09:56
VLAI?
Summary
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer.
Severity ?
No CVSS data available.
CWE
- CWE-287 - Improper Authentication - Generic (CWE-287)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | UniFi Protect |
Affected:
UniFi Protect v1.14.10 and earlier not fixed
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UniFi Protect",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "UniFi Protect v1.14.10 and earlier not fixed"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using \u201cx-token\u201d improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T18:28:34",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UniFi Protect",
"version": {
"version_data": [
{
"version_value": "UniFi Protect v1.14.10 and earlier not fixed"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using \u201cx-token\u201d improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-11/928e6fac-afeb-49c2-93a5-1b3066bf2bbf"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-NVR-Firmware-1-3-15/c2a783a6-c996-43d9-ab95-8c97ae05a98f"
},
{
"name": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Dream-Machine-Firmware-1-8-0/deabc255-a081-49ba-8f51-131f3a13000a"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8267",
"datePublished": "2020-11-05T18:28:34",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8188 (GCVE-0-2020-8188)
Vulnerability from nvd – Published: 2020-07-02 18:35 – Updated: 2024-08-04 09:56
VLAI?
Summary
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.
Severity ?
No CVSS data available.
CWE
- CWE-77 - Command Injection - Generic (CWE-77)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR |
Affected:
Fixed in versions: v1.13.3 and v1.14.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions: v1.13.3 and v1.14.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection - Generic (CWE-77)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-02T18:35:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Protect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR",
"version": {
"version_data": [
{
"version_value": "Fixed in versions: v1.13.3 and v1.14.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection - Generic (CWE-77)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4",
"refsource": "MISC",
"url": "https://community.ui.com/releases/Security-advisory-bulletin-012-012/1bba9134-f888-4010-81c0-b0dd53b9bda4"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-13-3/f4be7d35-93a3-422b-8eef-122e442c00ba"
},
{
"name": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5",
"refsource": "MISC",
"url": "https://community.ui.com/releases/UniFi-Protect-1-14-10/48a8dbdd-b872-47fa-bbde-1d24ddf5d5b5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8188",
"datePublished": "2020-07-02T18:35:14",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}