CVE-2021-44527

low-risk
Published 2021-12-07

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later.

Do I need to act?

-
0.10% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
ADJACENT_NETWORK / LOW complexity

Affected Products (1)

Unifi Switch Firmware

Affected Vendors

Ui

References (2)

Vendor Advisory https://community.ui.com/releases/Security-Advisory-Bulletin-022-022/cd83c01b-33...
Vendor Advisory https://community.ui.com/releases/Security-Advisory-Bulletin-022-022/cd83c01b-33...
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal