Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
F5 NGINX Controller 授权问题漏洞
Vulnerability Description
F5 NGINX Controller是美国F5公司的一款用于NGINX的集中式监视和管理平台。该平台支持使用可视化界面管理多个NGINX实例。 F5 NGINX Controller 1.0.1版本、2.0.0版本至2.9.0版本和3.0.0版本至3.5.0版本中的NGINX controller NATS消息服务存在安全漏洞,该漏洞源于程序没有进行任何形式的身份验证。攻击者可利用该漏洞窃听NATS连接,从而获得存储在消息队列中的数据。
CVSS Information
N/A
Vulnerability Type
N/A