3 matches found
CVE-2023-31997
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...
CVE-2023-31997
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both 1 running UniFi OS 3.1 and 2 hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen...
CVE-2023-31997
CVE-2023-31997 concerns UniFi OS 3.1 where a misconfiguration in consoles running UniFi Network enables local-network users to access MongoDB on applicable Cloud Keys (Gen2 and Gen2 Plus) hosting UniFi Network. Impact described as local access to MongoDB; CVSS 3.1 base score 9.0 (Critical) with h...