2 results (0.004 seconds)

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000133233 https://security.netapp.com/advisory/ntap-20230609-0006 • CWE-276: Incorrect Default Permissions •

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000133417 https://security.netapp.com/advisory/ntap-20230609-0006 • CWE-639: Authorization Bypass Through User-Controlled Key •