CVE-2019-5456

Summary

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.

Affected Software

VendorProductVersion RangeStatus
UniFiUniFi<= 5.10.21affected

Weaknesses

  • CWE-300: Man-in-the-Middle (CWE-300)

ADP Enrichment

CVE Program Container

Additional References

References