EUVD-2023-32362

Malicious code in bioql PyPI...

Vulnerabilities fixed in several F5 products

F5 has fixed several vulnerabilities in BIG-IP and NGINX. A remote malicious party can exploit the vulnerabilities in BIG-IP exploit them to cause a denial-of-service DOS on the Traffic Management Microkernel TMM subprocess. To do this, the vulnerable system must be configured with a specific UDP...

Default credentials

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2023-2757 · Nginx · Nginx Instance Manager +3

Name of the Vulnerable Software and Affected Versions: NGINX Management Suite affected versions not specified NGINX Instance Manager affected versions not specified NGINX API Connectivity Manager affected versions not specified NGINX Security Monitoring affected versions not specified Description...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

Design/Logic Flaw

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

K000133135: NGINX Agent vulnerability CVE-2023-1550

Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...