SNMP Community String Disclosure to ReadOnly Users on EdgeSwitch
High
U
Ubiquiti Inc.
Submitted None
Team Summary
Official summary from Ubiquiti Inc.
Read only users could execute unauthorized tasks and through SNMP community string pages. These vulnerabilities were found on EdgeSwitch 1G switch (ESWH) and EdgeSwitch 10G switch (ESGH) firmware v1.9.0. The fix for these vulnerabilities were included in the EdgeMax EdgeSwitch firmware v1.9.1 For more details please visit: https://community.ui.com/releases/EdgeMAX-EdgeSwitch-Firmware-v1-9-1-v1-9-1/8a87dfc5-70f5-4055-8d67-570db1f5695c https://www.ui.com/download/edgemax
Actions:
Reported by
fr33rh
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Information Disclosure