Vulnerability CVE-2023-28724
Published: 2023-05-03

Description:

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager.  

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Type:

CWE-276

 (Incorrect Default Permissions)

 References:
https://my.f5.com/manage/s/article/K000133233
Copyright 2026, cxsecurity.com

 

Back to Top