CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5895
https://notcve.org/view.php?id=CVE-2020-5895
07 May 2020 — On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. A local system attacker can make AVRD segmentation fault (SIGSEGV) by writing malformed messages to the socket. En NGINX Controller versiones 3.1.0 hasta 3.3.0, AVRD usa permisos world-readable y world-writable en su socket, que permite a procesos o usuarios en el sistema local escribir datos arbitrarios ... • https://security.netapp.com/advisory/ntap-20200522-0001 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5894
https://notcve.org/view.php?id=CVE-2020-5894
07 May 2020 — On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out. En las versiones 3.0.0 hasta 3.3.0, el servidor web de NGINX Controller no invalida el token de sesión del lado del servidor después de que los usuarios cierran sesión. • https://support.f5.com/csp/article/K13028514 • CWE-384: Session Fixation •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5867
https://notcve.org/view.php?id=CVE-2020-5867
23 Apr 2020 — In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages En versiones anteriores a la versión 3.3.0, el instalador de NGINX Controller Agent "install.sh" usa HTTP en lugar de HTTPS para comprobar e instalar paquetes. • https://security.netapp.com/advisory/ntap-20200430-0005 • CWE-319: Cleartext Transmission of Sensitive Information CWE-494: Download of Code Without Integrity Check •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-5866
https://notcve.org/view.php?id=CVE-2020-5866
23 Apr 2020 — In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments. En las versiones de NGINX Controller anteriores a la versión 3.3.0, el script helper.sh, que es usado opcionalmente en NGINX Controller para cambiar la configuración, usa elementos confidenciales como argumentos de línea de comandos. • https://security.netapp.com/advisory/ntap-20200430-0005 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-5864
https://notcve.org/view.php?id=CVE-2020-5864
23 Apr 2020 — In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. En las versiones de NGINX Controller anteriores a 3.2.0, una comunicación entre NGINX Controller y las instancias NGINX Plus omite una verificación de TLS por defecto. • https://security.netapp.com/advisory/ntap-20200430-0005 • CWE-295: Improper Certificate Validation •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5865
https://notcve.org/view.php?id=CVE-2020-5865
23 Apr 2020 — In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. En versiones anteriores a la versión 3.3.0, el NGINX Controller está configurado para comunicarse con su servidor de base de datos Postgres sobre canales no cifrados, haciendo que los datos comunicados sean vulnerables a una intercepción por medio de ataques de tipo man-in-the-m... • https://security.netapp.com/advisory/ntap-20200430-0005 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 8.6EPSS: 1%CPEs: 4EXPL: 0CVE-2020-5863
https://notcve.org/view.php?id=CVE-2020-5863
27 Mar 2020 — In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of the system. En NGINX Controller versiones anteriores a 3.2.0, un atacante no autenticado con acceso de red a la API Controller puede crear cuentas de usuario no privilegiados. El usuario que es creado solo es capaz de cargar una nu... • https://security.netapp.com/advisory/ntap-20200430-0005 •
CVSS: 5.3EPSS: 65%CPEs: 5EXPL: 4CVE-2019-20372 – nginx: HTTP request smuggling in configurations with URL redirect used as error_page
https://notcve.org/view.php?id=CVE-2019-20372
09 Jan 2020 — NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. NGINX versiones anteriores a 1.17.7, con ciertas configuraciones de error_page, permite el trafico no autorizado de peticiones HTTP, como es demostrado por la capacidad de un atacante para leer páginas web no autorizadas en entornos donde NGINX está al frente de un equilibrador... • https://github.com/0xleft/CVE-2019-20372 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-4968
https://notcve.org/view.php?id=CVE-2011-4968
19 Nov 2019 — nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) El módulo nginx http proxy no comprueba la identidad de peer del servidor de origen https, lo que podría facilitar un ataque de tipo man-in-the-middle (MITM) • http://www.openwall.com/lists/oss-security/2013/01/03/8 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 20%CPEs: 39EXPL: 1CVE-2019-9511 – Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9511
13 Aug 2019 — Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Algunas implementaciones de HTTP / 2 son vulnerables a la manip... • https://github.com/flyniu666/ingress-nginx-0.21-1.19.5 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •