CVE-2020-5910
N/A
N/A
Summary
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | NGINX Controller | 3.0.0-3.5.0, 2.0.0-2.9.0, 1.0.1 | affected |
Weaknesses
- data leakage
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.