PT-2019-17659 · Ubiquiti Networks · Edgeswitch X
Fr33Rh
·
Publicado
2019-04-10
·
Atualizado
2020-10-16
·
CVE-2019-5426
CVSS v2.0
5.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Ubiquiti Networks EdgeSwitch X versions 1.1.0 and prior
Description
The issue allows an unauthenticated user to utilize the local port forwarding and dynamic port forwarding functionalities, which can be exploited by remote attackers without credentials to access local services or forward traffic through the device if SSH is enabled.
Recommendations
For versions 1.1.0 and prior, consider disabling SSH in the system settings until a fix is available.
As a temporary workaround, restrict access to the local port forwarding and dynamic port forwarding functionalities to minimize the risk of exploitation.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Edgeswitch X