CVE-2022-35241

Published: Aug 4, 2022Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected (2)

Products: F5: Nginx Instance Manager

1 product

Nginx Instance Manager

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
F5 Nginx Instance Manager	From 1.0.0 to 1.0.4
F5 Nginx Instance Manager	From 2.0.0 to 2.3.1

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://support.f5.com/csp/article/K37080719

Source: f5sirt@f5.com

Vendor Advisory

https://support.f5.com/csp/article/K37080719

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.