SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.
References
Link | Resource |
---|---|
https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c | Release Notes Vendor Advisory |
https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124 | Release Notes Vendor Advisory |
https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391 | Vendor Advisory |
https://hackerone.com/reports/519582 | Permissions Required |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2019-07-30T20:19:48
Updated: 2019-07-30T20:19:48
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5456
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-30T21:15:12.037
Modified: 2022-12-06T20:51:30.887
Link: CVE-2019-5456
JSON object: View
Redhat Information
No data.