
F5 NGINX Controller

18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
| CVE | Affected versions | Score / severity | Description |
|---|---|---|---|
| CVE-2021-23021 | >= 3.0.0 and < 3.7.0 | 5.5 MEDIUM | The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current per |
| CVE-2021-23020 | >= 3.0.0 and < 3.10.0 | 5.5 MEDIUM | The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead t |
| CVE-2021-23019 | >= 2.0.0 and <= 2.9.0 | 7.8 HIGH | The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is |
| CVE-2021-23018 | >= 3.0.0 and <= 3.4.0 | 7.4 HIGH | Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleart |
| CVE-2020-27730 | >= 2.0.0 and <= 2.9.0 | 9.8 CRITICAL | In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilit |
| CVE-2020-5911 | >= 2.0.0 and <= 2.9.0 | 7.3 HIGH | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an |
| CVE-2020-5910 | >= 2.0.0 and <= 2.9.0 | 7.5 HIGH | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGI |
| CVE-2020-5909 | >= 2.0.0 and <= 2.9.0 | 5.4 MEDIUM | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to f |
| CVE-2020-5901 | >= 3.3.0 and <= 3.4.0 | 9.6 CRITICAL | In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow for a reflected Cross Site Scripting (XSS) attack. If the vic |
| CVE-2020-5899 | >= 3.0.0 and <= 3.4.0 | 7.8 HIGH | In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted and stored in the database in p |
| CVE-2020-5900 | >= 2.0.0 and <= 2.9.0 | 8.8 HIGH | In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX |
| CVE-2020-5895 | >= 3.1.0 and < 3.4.0 | 7.8 HIGH | On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows proc |
| CVE-2020-5894 | >= 3.0.0 and <= 3.3.0 | 8.1 HIGH | On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out. |
| CVE-2020-5867 | >= 2.0.0 and <= 2.9.0 | 8.1 HIGH | In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and insta |
| CVE-2020-5866 | >= 2.0.0 and <= 2.9.0 | 5.5 MEDIUM | In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change setti |
| CVE-2020-5865 | >= 2.0.0 and <= 2.9.0 | 4.8 MEDIUM | In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted c |
| CVE-2020-5864 | >= 2.0.0 and <= 2.9.0 | 7.4 HIGH | In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verificat |
| CVE-2020-5863 | >= 2.0.0 and <= 2.9.0 | 8.6 HIGH | In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unpr |
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin