CVE-2023-38034 - Vulnerability Details

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update UniFi Switches to Version 6.5.59 or later.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Ui	U6-enterprise U6-enterprise-iw U6-extender U6-iw U6-lite U6-lr U6-mesh U6-pro U6\+ Uap-ac-iw Uap-ac-lite Uap-ac-lr Uap-ac-m Uap-ac-m-pro Uap-ac-pro Ubb Ubb-xg Unifi Switch Firmware Unifi Uap Firmware Us-16-150w Us-24-250w Us-48-500w Us-8-150w Us-8-60w Us-xg-6poe Usw-16-poe Usw-24 Usw-24-poe Usw-48 Usw-48-poe Usw-aggregation Usw-enterprise-24-poe Usw-enterprise-48-poe Usw-enterprise-8-poe Usw-enterprisexg-24 Usw-flex Usw-flex-xg Usw-industrial Usw-lite-16-poe Usw-lite-8-poe Usw-mission-critical Usw-pro-24 Usw-pro-24-poe Usw-pro-48 Usw-pro-48-poe Usw-pro-aggregation Uwb-xg

Configuration 1 [-]

AND

cpe:2.3:o:ui:unifi_uap_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:ui:u6\+:-:::::::*
	cpe:2.3:h:ui:u6-enterprise:-:::::::*
	cpe:2.3:h:ui:u6-enterprise-iw:-:::::::*
	cpe:2.3:h:ui:u6-extender:-:::::::*
	cpe:2.3:h:ui:u6-iw:-:::::::*
	cpe:2.3:h:ui:u6-lite:-:::::::*
	cpe:2.3:h:ui:u6-lr:-:::::::*
	cpe:2.3:h:ui:u6-mesh:-:::::::*
	cpe:2.3:h:ui:u6-pro:-:::::::*
	cpe:2.3:h:ui:uap-ac-iw:-:::::::*
	cpe:2.3:h:ui:uap-ac-lite:-:::::::*
	cpe:2.3:h:ui:uap-ac-lr:-:::::::*
	cpe:2.3:h:ui:uap-ac-m:-:::::::*
	cpe:2.3:h:ui:uap-ac-m-pro:-:::::::*
	cpe:2.3:h:ui:uap-ac-pro:-:::::::*
	cpe:2.3:h:ui:ubb:-:::::::*
	cpe:2.3:h:ui:ubb-xg:-:::::::*
	cpe:2.3:h:ui:uwb-xg:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:ui:unifi_switch_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:ui:us-16-150w:-:::::::*
	cpe:2.3:h:ui:us-24-250w:-:::::::*
	cpe:2.3:h:ui:us-48-500w:-:::::::*
	cpe:2.3:h:ui:us-8-150w:-:::::::*
	cpe:2.3:h:ui:us-8-60w:-:::::::*
	cpe:2.3:h:ui:us-xg-6poe:-:::::::*
	cpe:2.3:h:ui:usw-16-poe:-:::::::*
	cpe:2.3:h:ui:usw-24:-:::::::*
	cpe:2.3:h:ui:usw-24-poe:-:::::::*
	cpe:2.3:h:ui:usw-48:-:::::::*
	cpe:2.3:h:ui:usw-48-poe:-:::::::*
	cpe:2.3:h:ui:usw-aggregation:-:::::::*
	cpe:2.3:h:ui:usw-enterprise-24-poe:-:::::::*
	cpe:2.3:h:ui:usw-enterprise-48-poe:-:::::::*
	cpe:2.3:h:ui:usw-enterprise-8-poe:-:::::::*
	cpe:2.3:h:ui:usw-enterprisexg-24:-:::::::*
	cpe:2.3:h:ui:usw-flex:-:::::::*
	cpe:2.3:h:ui:usw-flex-xg:-:::::::*
	cpe:2.3:h:ui:usw-industrial:-:::::::*
	cpe:2.3:h:ui:usw-lite-16-poe:-:::::::*
	cpe:2.3:h:ui:usw-lite-8-poe:-:::::::*
	cpe:2.3:h:ui:usw-mission-critical:-:::::::*
	cpe:2.3:h:ui:usw-pro-24:-:::::::*
	cpe:2.3:h:ui:usw-pro-24-poe:-:::::::*
	cpe:2.3:h:ui:usw-pro-48:-:::::::*
	cpe:2.3:h:ui:usw-pro-48-poe:-:::::::*
	cpe:2.3:h:ui:usw-pro-aggregation:-:::::::*

No data.

References

Link	Providers
https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56

History

Wed, 04 Dec 2024 17:15:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:ubiquiti:unifi_access_points:::::::: cpe:2.3:o:ubiquiti:unifi_switch_firmware::::::::
Vendors & Products	Ubiquiti Ubiquiti unifi Access Points Ubiquiti unifi Switch Firmware

Wed, 09 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ubiquiti Ubiquiti unifi Access Points Ubiquiti unifi Switch Firmware
CPEs		cpe:2.3:a:ubiquiti:unifi_access_points:::::::: cpe:2.3:o:ubiquiti:unifi_switch_firmware::::::::
Vendors & Products		Ubiquiti Ubiquiti unifi Access Points Ubiquiti unifi Switch Firmware
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2023-08-10T18:58:07.647Z

Updated: 2024-12-04T16:30:27.937Z

Reserved: 2023-07-12T01:00:11.880Z

Link: CVE-2023-38034

Vulnrichment

Updated: 2024-08-02T17:30:12.339Z

NVD

Status : Modified

Published: 2023-08-10T19:15:09.803

Modified: 2024-11-21T08:12:43.107

Link: CVE-2023-38034

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object