CVE-2020-8213

Summary

An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.

Affected Software

VendorProductVersion RangeStatus
UniFiProtect for UniFi Cloud Key Gen2 PlusFixed in v1.13.4-beta.5affected

Weaknesses

  • CWE-209: Information Exposure Through an Error Message (CWE-209)

ADP Enrichment

CVE Program Container

Additional References

References