2 matches found
CVE-2023-28656
CVE-2023-28656 – NGINX Management Suite : An authenticated attacker may bypass authorization to access configuration objects outside their assigned environment, a control-plane issue with no data-plane exposure reported. The vulnerability affects NGINX Management Suite components (NGINX Instance ...
CVE-2023-28724
CVE-2023-28724 affects NGINX Management Suite components (NGINX Instance Manager and NGINX API Connectivity Manager). The root cause is incorrect default file permissions, allowing an authenticated attacker to modify sensitive files and potentially escalate privileges. Affected vulnerable ranges ...