CVE-2021-22943
First published: Tue Aug 31 2021(Updated: )
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ui Unifi Protect | <1.19.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-22943?
CVE-2021-22943 is a vulnerability found in UniFi Protect application V1.18.1 and earlier that allows a malicious actor to control the Protect camera(s) assigned to a network they have already gained access to.
What is the severity of CVE-2021-22943?
The severity of CVE-2021-22943 is critical with a CVSS score of 9.6.
How can I fix CVE-2021-22943?
To fix CVE-2021-22943, you should update the UniFi Protect application to version 1.19.0 or later.
Where can I find more information about CVE-2021-22943?
You can find more information about CVE-2021-22943 in the security advisory bulletin released by UI Community.
What is CWE-287?
CWE-287 refers to a weakness in authentication or authorization where an actor can gain access to resources they are not authorized for.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- vendor/ui
- canonical/ui unifi protect