ID
VAR-202208-0279
CVE
CVE-2022-30535
TITLE
NGINX Ingress Controller Input verification vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-016736
DESCRIPTION
In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. NGINX Ingress Controller There is an input validation vulnerability in.Information may be obtained
Trust: 1.8
sources:
NVD: CVE-2022-30535 //
JVNDB: JVNDB-2022-016736 //
VULHUB: VHN-430706 //
VULMON: CVE-2022-30535
AFFECTED PRODUCTS
| vendor: | f5 | model: | nginx ingress controller | scope: | gte | version: | 1.0.0 | Trust: 1.0 |
| vendor: | f5 | model: | nginx ingress controller | scope: | lt | version: | 2.3.0 | Trust: 1.0 |
| vendor: | f5 | model: | nginx ingress controller | scope: | - | version: | - | Trust: 0.8 |
| vendor: | f5 | model: | nginx ingress controller | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-016736 //
NVD: CVE-2022-30535
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-016736 //
CNNVD: CNNVD-202208-2074 //
NVD: CVE-2022-30535 //
NVD: CVE-2022-30535
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.1 |
| problemtype: | Inappropriate input confirmation (CWE-20) [ others ] | Trust: 0.8 |
sources:
VULHUB: VHN-430706 //
JVNDB: JVNDB-2022-016736 //
NVD: CVE-2022-30535
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202208-2074
TYPE
input validation error
Trust: 0.6
sources:
CNNVD: CNNVD-202208-2074
PATCH
| title: | K52125139 | url: | https://my.f5.com/manage/s/article/K52125139 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-016736
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-30535 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-016736 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202208-2074 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-430706 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2022-30535 | Trust: 0.1 |
sources:
VULHUB: VHN-430706 //
VULMON: CVE-2022-30535 //
JVNDB: JVNDB-2022-016736 //
CNNVD: CNNVD-202208-2074 //
NVD: CVE-2022-30535
REFERENCES
| url: | https://support.f5.com/csp/article/k52125139 | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-30535 | Trust: 0.8 |
| url: | https://vigilance.fr/vulnerability/f5-big-ip-multiple-vulnerabilities-38983 | Trust: 0.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-30535/ | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/20.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-430706 //
VULMON: CVE-2022-30535 //
JVNDB: JVNDB-2022-016736 //
CNNVD: CNNVD-202208-2074 //
NVD: CVE-2022-30535
SOURCES
| db: | VULHUB | id: | VHN-430706 |
| db: | VULMON | id: | CVE-2022-30535 |
| db: | JVNDB | id: | JVNDB-2022-016736 |
| db: | CNNVD | id: | CNNVD-202208-2074 |
| db: | NVD | id: | CVE-2022-30535 |
LAST UPDATE DATE
2024-08-14T14:17:49.581000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-430706 | date: | 2022-08-10T00:00:00 |
| db: | VULMON | id: | CVE-2022-30535 | date: | 2022-08-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-016736 | date: | 2023-10-06T05:05:00 |
| db: | CNNVD | id: | CNNVD-202208-2074 | date: | 2022-08-11T00:00:00 |
| db: | NVD | id: | CVE-2022-30535 | date: | 2022-08-10T15:35:54.290 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-430706 | date: | 2022-08-04T00:00:00 |
| db: | VULMON | id: | CVE-2022-30535 | date: | 2022-08-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-016736 | date: | 2023-10-06T00:00:00 |
| db: | CNNVD | id: | CNNVD-202208-2074 | date: | 2022-08-03T00:00:00 |
| db: | NVD | id: | CVE-2022-30535 | date: | 2022-08-04T18:15:09.423 |