Misconfiguration Causes Incorrect VLAN Traffic Forwarding on UniFi U6+ Access Point
CVE-2024-37380

5.3MEDIUM

Key Information:

Vendor

Ubiquiti

Status
Unifi U6+ Access Point
Vendor
CVE Published:
22 July 2024

What is CVE-2024-37380?

A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point.

Affected Products: UniFi U6+ Access Point (Version 6.6.65 and earlier)

Mitigation: Update your UniFi U6+ Access Point to Version 6.6.74 or later.

Affected Version(s)

UniFi U6+ Access Point 6.6.74

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.