{"containers":{"cna":{"affected":[{"product":"UniFi","vendor":"UniFi","versions":[{"status":"affected","version":"<= 5.10.21"}]}],"datePublic":"2019-05-15T00:00:00.000Z","descriptions":[{"lang":"en","value":"SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-300","description":"Man-in-the-Middle (CWE-300)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2019-07-30T20:19:48.000Z","orgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","shortName":"hackerone"},"references":[{"tags":["x_refsource_MISC"],"url":"https://hackerone.com/reports/519582"},{"tags":["x_refsource_CONFIRM"],"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391"},{"tags":["x_refsource_CONFIRM"],"url":"https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c"},{"tags":["x_refsource_CONFIRM"],"url":"https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"support@hackerone.com","ID":"CVE-2019-5456","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"UniFi","version":{"version_data":[{"version_value":"<= 5.10.21"}]}}]},"vendor_name":"UniFi"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Man-in-the-Middle (CWE-300)"}]}]},"references":{"reference_data":[{"name":"https://hackerone.com/reports/519582","refsource":"MISC","url":"https://hackerone.com/reports/519582"},{"name":"https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391","refsource":"CONFIRM","url":"https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391"},{"name":"https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c","refsource":"CONFIRM","url":"https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c"},{"name":"https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124","refsource":"CONFIRM","url":"https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T19:54:53.544Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://hackerone.com/reports/519582"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://community.ui.com/releases/862b962b-55f6-4324-96be-610f647d5c1c"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://community.ui.com/releases/9f698d0b-8279-40d3-9f1a-d36db4813124"}]}]},"cveMetadata":{"assignerOrgId":"36234546-b8fa-4601-9d6f-f4e334aa8ea1","assignerShortName":"hackerone","cveId":"CVE-2019-5456","datePublished":"2019-07-30T20:19:48.000Z","dateReserved":"2019-01-04T00:00:00.000Z","dateUpdated":"2024-08-04T19:54:53.544Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}