CVE-2021-23018

CVE-2021-23018

Vendor N/A
Product Nginx Controller
Weakness CWE-319 · Cleartext transmission
Published June 1, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocols inside the cluster.

Key dates

02Disclosure timeline

June 1, 2021 CVE published
August 3, 2024 Record updated