Vulnerabilities > CVE-2022-44565 - Unspecified vulnerability in UI products

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

NVD

Published: 2022-12-23

Updated: 2023-06-27

Summary

An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device.

Vulnerable Configurations

Part	Description	Count
OS	Ui UI Airfiber Gigabeam Firmware * UI Airfiber 60 XG Firmware * UI Airfiber 60 HD Firmware * UI Airfiber 60 LR Firmware * UI Airmax AC Firmware 7.1.3 UI Airfiber 60 Firmware *	6
Hardware	Ui UI Airfiber Gigabeam - UI Airfiber 60 XG - UI Airfiber 60 HD - UI Airfiber 60 LR - UI Airmax AC - UI Airfiber 60 -	6

References

https://community.ui.com/releases/Security-Advisory-Bulletin-027-027/123e4577-9f00-4777-abe1-64a1d56fee05