K04884013 : NGINX Controller vulnerability CVE-2021-23019

2021-05-2500:00:00

my.f5.com

0.0004 Low

EPSS

Percentile

12.7%

JSON

Security Advisory Description

The NGINX Controller Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package. (CVE-2021-23019)

Impact

The Administrator password is exposed in the NGINX support package. This password leak occurs only when you enabled sudo auditing.

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq14.1.2
f5 ssl orchestratoreq14.1.4
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq15.1.1
f5 ssl orchestratoreq16.0.0
f5 ssl orchestratoreq16.0.1
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq11.6.3

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	14.1.2
f5 ssl orchestrator	eq	14.1.4
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	15.1.1
f5 ssl orchestrator	eq	16.0.0
f5 ssl orchestrator	eq	16.0.1
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	11.6.3

Rows per page:

1-10 of 2961

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for F5:K04884013