CVE-2021-22944
First published: Tue Aug 31 2021(Updated: )
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| UniFi Protect | <1.19.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this UniFi Protect vulnerability?
The vulnerability ID for this UniFi Protect vulnerability is CVE-2021-22944.
What is the severity of CVE-2021-22944?
The severity of CVE-2021-22944 is high.
Which version of UniFi Protect is affected by CVE-2021-22944?
UniFi Protect application V1.18.1 and earlier versions are affected by CVE-2021-22944.
How can I fix CVE-2021-22944?
You can fix CVE-2021-22944 by updating UniFi Protect application to V1.19.0 or later.
Where can I find more information about CVE-2021-22944?
You can find more information about CVE-2021-22944 in the security advisory bulletin provided by UniFi: [link](https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f)
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ui
- canonical/unifi protect