Lucene search

K

NGINX Agent Security Vulnerabilities

cve
cve

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

5.5CVSS

5AI Score

0.0004EPSS

2023-03-29 05:15 PM
31
cve
cve

CVE-2021-23021

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to...

5.5CVSS

6AI Score

0.0004EPSS

2021-06-01 01:15 PM
29
2
cve
cve

CVE-2020-27730

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system...

9.8CVSS

9.4AI Score

0.004EPSS

2020-12-11 08:15 PM
56
5
cve
cve

CVE-2020-5909

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not...

5.4CVSS

5.5AI Score

0.001EPSS

2020-07-02 01:15 PM
16
cve
cve

CVE-2020-5867

In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install...

8.1CVSS

8AI Score

0.002EPSS

2020-04-23 08:15 PM
25