Main Vulnerability Database Vulnerabilities #VU27303

#VU27303 Man-in-the-Middle (MitM) attack in NGINX Controller - CVE-2020-5867

Published: April 24, 2020

Vulnerability identifier: #VU27303

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-5867

CWE-ID: CWE-300

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
NGINX Controller

Software vendor:
F5 Networks

Description

The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.

The vulnerability exists due to the NGINX Controller Agent installer script "install.sh" uses HTTP instead of HTTPS to check and install packages. A remote attacker can perform a MitM attack, intercept the insecure HTTP channel, convincingly forge any packages and get the malicious packages installed on the NGINX Plus instance.

Remediation

Install updates from vendor's website.

External links

https://support.f5.com/csp/article/K00958787

#VU27303 Man-in-the-Middle (MitM) attack in NGINX Controller - CVE-2020-5867

Description

Remediation

External links

Please verify you're human