CVE-2020-5866
published 2020-04-23CVE-2020-5866: In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | nginx_controller | < 3.3.0 | 3.3.0 |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | 2.0.0 – 2.9.0 | — |
| f5 | nginx_controller | >= 3.0.0 < 3.3.0 | 3.3.0 |