PT-2022-3993 · Nginx · Nginx Instance Manager

Published 2022-08-04 · Updated 2022-08-10 · CVE-2022-35241

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

NGINX Instance Manager versions 1.x and earlier
NGINX Instance Manager versions 2.x through 2.3.0

Description

The issue is related to uncontrolled resource consumption. It may allow a remote attacker to cause a denial of service. In affected versions, undisclosed requests can cause an increase in disk resource utilization when NGINX Instance Manager is in use.

Recommendations

For versions 1.x, there is no information about a newer version that contains a fix for this issue. For versions 2.x through 2.3.0, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the NGINX Instance Manager to minimize the risk of exploitation.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2022-04826
CVE-2022-35241

Affected Products

Nginx Instance Manager