F5 Nginx Api Connectivity Manager
3 CVEs affecting F5 Nginx Api Connectivity Manager. Latest disclosed: 2024-11-06. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28656 | High | 8.1 | 2023-05-03 | NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software ver… |
CVE-2023-28724 | High | 7.1 | 2023-05-03 | NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and… |
CVE-2024-10318 | Medium | 5.4 | 2024-11-06 | A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. This flaw allows an… |