CVE-2023-28724
- EPSS 0.17%
- Veröffentlicht 03.05.2023 15:15:13
- Zuletzt bearbeitet 10.04.2025 20:32:16
NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Techn...
CVE-2023-28656
- EPSS 0.53%
- Veröffentlicht 03.05.2023 15:15:12
- Zuletzt bearbeitet 19.05.2025 14:45:09
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2023-1550
- EPSS 0.22%
- Veröffentlicht 29.03.2023 17:15:07
- Zuletzt bearbeitet 21.11.2024 07:39:25
Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to...
CVE-2022-35241
- EPSS 0.65%
- Veröffentlicht 04.08.2022 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:10:57
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not e...