Lucene search
F5F5:K52125139HistoryAug 03, 2022 - 12:00 a.m.
K52125139 : NGINX Ingress Controller vulnerability CVE-2022-30535
2022-08-0300:00:00
my.f5.com
42
nginx ingress controller
cve-2022-30535
vulnerability
data breach
network access
confidential data
Security Advisory Description
An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. (CVE-2022-30535)
Impact
This vulnerability may allow an authenticated attacker with network access to NGINX Ingress Controller ingress objects to read confidential data. In the default configuration, the attacker has access to all secrets in the cluster. In a single namespace configuration, the attacker access is limited to the secrets of the namespace. There is no data plane exposure; this is a control plane issue only.
Related
cve
cve
CVE-2022-30535
2022-08-04 18:15:09
cvelist
cvelist
CVE-2022-30535 NGINX Ingress Controller vulnerability CVE-2022-30535
2022-08-04 17:45:41
cnvd
cnvd
F5 NGINX Ingress Controller Input Validation Error Vulnerability
2022-08-03 00:00:00
osv
osv
CVE-2022-30535
2022-08-04 18:15:09
BIT-nginx-ingress-controller-2022-30535
2023-11-06 08:57:20
nvd
nvd
CVE-2022-30535
2022-08-04 18:15:09
prion
prion
Design/Logic Flaw
2022-08-04 18:15:00
f5
f5
K14649763 : Overview of F5 vulnerabilities (August 2022)
2022-08-03 00:00:00