4 matches found
CVE-2022-23008
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software...
K57735782: NGINX Controller API Management vulnerability CVE-2022-23008
Security Advisory Description An authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. CVE-2022-23008 Impact Successful exploitation...
CVE-2022-23008
Summary: CVE-2022-23008 affects the NGINX Controller API Management software (versions 3.18.0–3.19.0). Vulnerability: An authenticated user with the user or admin role can access undisclosed API endpoints to inject JavaScript that runs on managed NGINX data plane instances. The Red Hat advisory c...
Vulnerabilities fixed in F5 products
F5 has fixed multiple vulnerabilities in several F5 products, including BIG-IP and BIG-IQ. Most of the updates are relate to the Traffic Management Microkernel TMM, a component of virtually all BIG-IP modules. The vulnerability with reference CVE-2022-23008 concerns the NGINX Controller API...