CVE-2020-5863
N/A
N/A
Summary
In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | NGINX Controller | 3.0.0-3.1.0, 2.0.0-2.9.0, 1.0.1 | affected |
Weaknesses
- DoS
ADP Enrichment
CVE Program Container
Additional References
- https://support.f5.com/csp/article/K14631834
- https://security.netapp.com/advisory/ntap-20200430-0005/
References
- https://support.f5.com/csp/article/K14631834
- https://security.netapp.com/advisory/ntap-20200430-0005/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.