PT-2020-18799 · Nginx · Nginx Controller

Published

2020-07-01

Updated

2021-07-21

CVE-2020-5899

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NGINX Controller versions 3.0.0 through 3.4.0

Description The issue allows an attacker who can intercept the database connection or have read access to the database to request a password reset using the email address of another registered user and then retrieve the recovery code, as the recovery code required to change a user's password is transmitted and stored in the database in plain text.

Recommendations For NGINX Controller versions 3.0.0 through 3.4.0, consider restricting access to the database to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Cleartext Storage of Sensitive Information

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319CWE-312CWE-522

Related Identifiers

CVE-2020-5899

Affected Products

Nginx Controller

PT-2020-18799 · Nginx · Nginx Controller

CVE-2020-5899

Weakness Enumeration

Related Identifiers

Affected Products

References · 3