NGINX Instance Manager vulnerability CVE-2022-35241
CVE-2022-35241

6.5MEDIUM

Key Information:

Vendor: F5
Status: Nginx Instance Manager
Vendor: CVE Published:; 4 August 2022

Summary

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Version(s)

NGINX Instance Manager 2.x < 2.3.1

NGINX Instance Manager 1.0.0 < 1.x*

References

https://support.f5.com/csp/article/K37080719

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 4, 2022
Vulnerability Reserved
Jul 19, 2022