CVE-2020-5910

State: PUBLISHED · Published: 2020-07-02 · Updated: 2024-08-04 · Assigner: f5

Description

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.

CWE

(none)

Affected

n/a / NGINX Controller — v=3.0.0-3.5.0, 2.0.0-2.9.0, 1.0.1 [affected]

CVSS

(none)

References

https://support.f5.com/csp/article/K59209532 x_refsource_MISC

Source

cvelistV5-main/cves/2020/5xxx/CVE-2020-5910.json