VYPR
High severity7.5NVD Advisory· Published Jul 2, 2020· Updated Jun 17, 2026

CVE-2020-5910

CVE-2020-5910

Description

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.

Affected products

2
  • NGINX/Controllerdescription
  • Nginx/Controllerllm-create
    Range: 3.0.0-3.5.0, 2.0.0-2.9.0, 1.0.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.