CVE-2020-5909
CVE-2020-5909 affects NGINX Controller versions 1.0.1, 2.0.0–2.9.0, and 3.0.0–3.5.0, where the server TLS certificate is not verified when running the command in the UI to fetch the agent installer. Red Hat and F5 advisories confirm this enables MITM interception/read/modify of in-transit data. T...