{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T22:21:14.556","vulnerabilities":[{"cve":{"id":"CVE-2025-23091","sourceIdentifier":"support@hackerone.com","published":"2025-02-01T07:15:08.277","lastModified":"2025-03-13T13:15:57.990","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update."},{"lang":"es","value":"Una validación de certificado incorrecta en dispositivos UniFi OS, con Identity Enterprise configurado, podría permitir que un actor malintencionado ejecute un ataque de intermediario (MitM) durante la actualización de la aplicación."}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"references":[{"url":"https:\/\/community.ui.com\/releases\/Security-Advisory-Bulletin-045-045\/6011bc61-f2eb-457f-b71d-755703817aaf","source":"support@hackerone.com"}]}}]}