CVE-2020-5865
published 2020-04-23CVE-2020-5865: In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the…
medium4.8CVSS 3.1
AVNACHPRNUINSUCLILAN
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | nginx_controller | < 3.3.0 | 3.3.0 |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | 2.0.0 – 2.9.0 | — |
| f5 | nginx_controller | >= 3.0.0 < 3.3.0 | 3.3.0 |