Unifi Protect Security Vulnerabilities and Issues — Unifi Protect CVE List

Lucene search

UiUnifi Protect

4 matches found

CVE•added 2021/11/24 7:15 p.m.•46 views

CVE-2021-22957

A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect applicati...

8.8CVSS8.4AI score0.00439EPSS

CVE•added 2021/08/31 5:15 p.m.•43 views

CVE-2021-22944

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

8CVSS7.8AI score0.0015EPSS

CVE•added 2021/08/31 5:15 p.m.•38 views

CVE-2021-22943

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

9.6CVSS9AI score0.00116EPSS

CVE•added 2020/07/30 1:15 p.m.•36 views

CVE-2020-8213

An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.

5.3CVSS5.3AI score0.0039EPSS