Vulnerabilities > CVE-2014-2226 - Credentials Management vulnerability in UI Unifi Controller
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Common Weakness Enumeration (CWE)
Packetstorm
data source | https://packetstormsecurity.com/files/download/127616/ubiquiti-disclose.txt |
id | PACKETSTORM:127616 |
last seen | 2016-12-05 |
published | 2014-07-25 |
reporter | Seth Art |
source | https://packetstormsecurity.com/files/127616/Ubiquiti-UbiFi-Controller-2.4.5-Password-Hash-Disclosure.html |
title | Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure |