CVE-2020-5910
published 2020-07-02CVE-2020-5910: In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | — | — |
| f5 | nginx_controller | 2.0.0 – 2.9.0 | — |
| f5 | nginx_controller | 3.0.0 – 3.5.0 | — |