CVE-2019-5456

Published: Jul 30, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.

Vendor	Product	Versions
UniFi	UniFi	affected `<= 5.10.21`

Weaknesses (CWE)

CWE-300

References

https://hackerone.com/reports/519582

x_refsource_MISC

https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391

x_refsource_CONFIRM

https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c

x_refsource_CONFIRM

https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-5456

Description

Affected Products

Weaknesses (CWE)

References