A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server.
Metrics
Affected Vendors & Products
References
History
Mon, 28 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ubiquiti
Ubiquiti unifi Network Application |
|
Weaknesses | CWE-276 | |
CPEs | cpe:2.3:a:ubiquiti:unifi_network_application:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ubiquiti
Ubiquiti unifi Network Application |
|
Metrics |
cvssV3_1
|
Mon, 28 Oct 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. | |
References |
| |
Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2024-10-28T15:54:15.384Z
Updated: 2024-10-28T18:53:11.285Z
Reserved: 2024-07-27T01:04:08.014Z
Link: CVE-2024-42028
Vulnrichment
Updated: 2024-10-28T18:46:19.500Z
NVD
Status : Awaiting Analysis
Published: 2024-10-28T16:15:03.820
Modified: 2024-10-29T14:34:50.257
Link: CVE-2024-42028
Redhat
No data.