Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.5 views

CVE-2022-23008

On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software...

5.5CVSS6.8AI score0.0053EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.51 views

K57735782: NGINX Controller API Management vulnerability CVE-2022-23008

Security Advisory Description An authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. CVE-2022-23008 Impact Successful exploitation...

5.5CVSS5.4AI score0.0053EPSS
Exploits0Affected Software1
CVE
CVE
added 2022/01/25 7:11 p.m.128 views

CVE-2022-23008

Summary: CVE-2022-23008 affects the NGINX Controller API Management software (versions 3.18.0–3.19.0). Vulnerability: An authenticated user with the user or admin role can access undisclosed API endpoints to inject JavaScript that runs on managed NGINX data plane instances. The Red Hat advisory c...

5.5CVSS5.9AI score0.0053EPSS
Exploits0References1Affected Software1
NCSC
NCSC
added 2022/01/21 12:0 a.m.59 views

Vulnerabilities fixed in F5 products

F5 has fixed multiple vulnerabilities in several F5 products, including BIG-IP and BIG-IQ. Most of the updates are relate to the Traffic Management Microkernel TMM, a component of virtually all BIG-IP modules. The vulnerability with reference CVE-2022-23008 concerns the NGINX Controller API...

9CVSS7.4AI score0.01112EPSS
Exploits0
Rows per page
Query Builder