F5 Nginx Instance Manager
4 CVEs affecting F5 Nginx Instance Manager. Latest disclosed: 2024-11-06. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28656 | High | 8.1 | 2023-05-03 | NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software ver… |
CVE-2023-28724 | High | 7.1 | 2023-05-03 | NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and… |
CVE-2022-35241 | Medium | 6.5 | 2022-08-04 | In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utiliz… |
CVE-2024-10318 | Medium | 5.4 | 2024-11-06 | A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. This flaw allows an… |