CVE-2014-2226

Name of the Vulnerable Software and Affected Versions Ubiquiti UniFi Controller versions prior to 3.2.1

Description The issue allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as the administrative password hash is logged in syslog messages.

Recommendations For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to syslog messages to minimize the risk of exploitation.