SMTP Proxy Server Vulnerability in UniFi Controller Version <= 5.10.21

SMTP Proxy Server Vulnerability in UniFi Controller Version <= 5.10.21

CVE-2019-5456 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.

Learn more about our Cis Benchmark Audit For Server Software.