← Back

Nginx Controller Api Management

nginx_controller_api_management

Vendor: F5 • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-23008
1F5
1Nginx Controller Api Management
Nov 21, 2024
Jan 25, 2022
N/A· v4
5.4 MEDIUM· v3
5.5 MEDIUM· v2
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript cod...Show more
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Show less