Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistF5CVELIST:CVE-2021-23020
HistoryJun 01, 2021 - 12:14 p.m.

CVE-2021-23020

2021-06-0112:14:39
CWE-330
f5
www.cve.org

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.

CNA Affected

[
  {
    "product": "Nginx Controller",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "“3.x before 3.10.0”"
      }
    ]
  }
]

Related

prion 1
f5 2
nvd 1
cve 1
ibm 1
prion
prion
Code injection
2021-06-01 13:15:00
f5
f5
K45263486 : NGINX Controller vulnerability CVE-2021-23020
2021-05-25 00:00:00
K52559937 : Overview of NGINX vulnerabilities (May 2021)
2021-05-25 00:00:00
nvd
nvd
CVE-2021-23020
2021-06-01 13:15:07
cve
cve
CVE-2021-23020
2021-06-01 13:15:07
ibm
ibm
Security Bulletin: Multiple vulnerabilities in F5 NGINX Controller affect IBM Cloud Pak for Automation
2021-08-12 22:14:22

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for CVELIST:CVE-2021-23020
prion1f52nvd1cve1ibm1