-
CVE-2023-32567
•
published on August 10, 2023
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
-
CVE-2023-32567
•
published on August 10, 2023
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
-
CVE-2023-32567
•
published on August 10, 2023
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
-
CVE-2023-32567
•
published on August 10, 2023
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
-
CVE-2023-32567
•
published on August 10, 2023
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
-
CVE-2023-35085
•
published on August 10, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-35085
•
published on August 10, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-35085
•
published on August 10, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-35085
•
published on August 10, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-35085
•
published on August 10, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-38034
•
published on August 10, 2023
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-38034
•
published on August 10, 2023
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-38034
•
published on August 10, 2023
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-38034
•
published on August 10, 2023
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-38034
•
published on August 10, 2023
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
-USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
-
CVE-2023-23342
•
published on August 10, 2023
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
-
CVE-2023-23342
•
published on August 10, 2023
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
-
CVE-2023-23342
•
published on August 10, 2023
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
-
CVE-2023-23342
•
published on August 10, 2023
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
-
CVE-2023-23342
•
published on August 10, 2023
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.