UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applicable Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen2 and Cloud Key Gen2 Plus.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ubiquiti
Ubiquiti unifi Os |
|
Weaknesses | CWE-863 | |
CPEs | cpe:2.3:a:ubiquiti:unifi_os:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ubiquiti
Ubiquiti unifi Os |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2023-06-30T23:39:29.425Z
Updated: 2024-11-26T19:07:26.989Z
Reserved: 2023-05-01T01:00:12.219Z
Link: CVE-2023-31997
Vulnrichment
Updated: 2024-08-02T15:03:28.530Z
NVD
Status : Modified
Published: 2023-07-01T00:15:10.337
Modified: 2024-11-26T19:15:20.320
Link: CVE-2023-31997
Redhat
No data.