CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-23019
https://notcve.org/view.php?id=CVE-2021-23019
The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package. La contraseña de administrador NGINX Controller versiones 2.0.0 a 2.9.0 y 3.x versiones anteriores a 3.15.0 puede estar expuesta en el archivo systemd.txt que se incluye en el paquete de soporte de NGINX • https://support.f5.com/csp/article/K04884013 • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-522: Insufficiently Protected Credentials •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23018
https://notcve.org/view.php?id=CVE-2021-23018
Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocols inside the cluster. Una comunicación dentro del clúster no usa TLS. Los servicios dentro del espacio de nombres de NGINX Controller 3.x versiones anteriores a 3.4.0 estan usando protocolos de texto sin cifrar dentro del clúster • https://support.f5.com/csp/article/K97002210 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 8.1EPSS: 37%CPEs: 25EXPL: 4CVE-2021-23017 – Nginx 1.20.0 - Denial of Service (DOS)
https://notcve.org/view.php?id=CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. Se identificó un problema de seguridad en el solucionador de nginx, que podría permitir a un atacante que pueda falsificar paquetes UDP desde el servidor DNS para causar una sobrescritura de memoria de 1 byte, lo que causaría un bloqueo del proceso de trabajo u otro impacto potencial A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in certain circumstances. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Nginx version 1.20.0 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/50973 https://github.com/M507/CVE-2021-23017-PoC https://github.com/ShivamDey/CVE-2021-23017 https://github.com/lakshit1212/CVE-2021-23017-PoC http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html http://packetstormsecurity.com/files/167720/Nginx-1.20.0-Denial-Of-Service.html https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009%40%3Cnotifications.apisix.apache.org%3E https://lists.apache.org/thread.html/r4d4966221ca399 • CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27730
https://notcve.org/view.php?id=CVE-2020-27730
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. En versiones 3.0.0-3.9.0, 2.0.0-2.9.0 y 1.0.1, el NGINX Controller Agent no usa rutas absolutas cuando llaman a las utilidades del sistema • https://security.netapp.com/advisory/ntap-20210115-0004 https://support.f5.com/csp/article/K43530108 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-5909
https://notcve.org/view.php?id=CVE-2020-5909
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified. En las versiones 3.0.0 hasta 3.5.0, 2.0.0 hasta 2.9.0 y 1.0.1, cuando los usuarios ejecutan el comando desplegado en la Interfaz de Usuario (UI) del NGINX Controller para obtener el instalador del agente, el certificado TLS del servidor no es verificado • https://support.f5.com/csp/article/K31150658 • CWE-295: Improper Certificate Validation •