CVE-2020-8213
First published: Thu Jul 30 2020(Updated: )
An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ui Unifi Protect | <=1.13.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this information exposure vulnerability?
The vulnerability ID is CVE-2020-8213.
What is the severity of CVE-2020-8213?
The severity of CVE-2020-8213 is medium with a CVSS score of 5.3.
What is the affected software version for CVE-2020-8213?
The affected software version for CVE-2020-8213 is UniFi Protect before v1.13.4-beta.5.
How can unauthenticated attackers exploit CVE-2020-8213?
Unauthenticated attackers can exploit CVE-2020-8213 by gaining access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.
Is there a fix available for CVE-2020-8213?
Yes, a fix is available for CVE-2020-8213 in UniFi Protect v1.13.4-beta.5 and later versions.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ui
- canonical/ui unifi protect
- version/ui unifi protect/1.13.3