CVE-2020-5910
02.07.2020, 13:15
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.Enginsight
| Vendor | Product | Version |
|---|---|---|
| f5 | nginx_controller | 2.0.0 ≤ 𝑥 ≤ 2.9.0 |
| f5 | nginx_controller | 3.0.0 ≤ 𝑥 ≤ 3.5.0 |
| f5 | nginx_controller | 1.0.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration