3 matches found
K00958787: NGINX Controller vulnerability CVE-2020-5867
Security Advisory Description The NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages. CVE-2020-5867 Impact A man-in-the-middle MITM attacker can use this vulnerability to intercept the insecure HTTP channel and convincingly forge any...
CVE-2020-5867
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages...
CVE-2020-5867
The CVE-2020-5867 issue affects the NGINX Controller Agent installer script (install.sh) used by the NGINX Controller. In versions prior to 3.3.0, it uses HTTP instead of HTTPS to check and install packages, creating a MITM risk where malicious packages could be forged and installed on affected N...