LOW🇬🇧 English

CVE-2014-2226

CVSS 2.6v2.0pub. 2014-07-29upd. 2026-05-06

Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

oryginał EN
CVSS Vector
AV:N/AC:H/Au:N/C:P/I:N/A:N
  • Ui Unifi Controller

    APP
    Ui
    ≤ 2.4.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-27888HIGH7.5ten sam produkt

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0....

CVE-2020-12695HIGH7.5ten sam produkt

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subs...

CVE-2014-2225HIGH8.8ten sam produkt

Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 ...

CVE-2019-5456HIGH8.1ten sam produkt

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= ...

CVE-2013-3572MEDIUM6.1ten sam produkt

Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiquiti Netwo...