2 matches found
CVE-2024-7634
CVE-2024-7634 affects the NGINX Agent component (NGINX Agent) where the config_dirs restriction feature allows a highly privileged attacker to write/overwrite files outside the designated secure directory. Public sources (F5 advisory) indicate a path traversal-related issue with the affected rang...
CVE-2023-1550
CVE-2023-1550 (NGINX Agent) affects NGINX Agent versions 2.0 through 2.23.2. The issue arises from inserting sensitive information into log files, exposed when non-default trace level logging is enabled. An authenticated attacker with local access to read agent log files may gain access to privat...