CVE-2022-35241: NGINX Instance Manager vulnerability CVE-2022-35241
First published: Thu Aug 04 2022(Updated: )
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 NGINX Instance Manager | >=1.0.0<=1.0.4 | |
| F5 NGINX Instance Manager | >=2.0.0<2.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2022-35241.
What is the severity of CVE-2022-35241?
The severity of CVE-2022-35241 is medium.
What is the affected software for CVE-2022-35241?
The affected software for CVE-2022-35241 is F5 Nginx Instance Manager version 1.0.0 to 1.0.4 and version 2.0.0 to 2.3.1.
How can undisclosed requests cause an increase in disk resource utilization in CVE-2022-35241?
Undisclosed requests in versions 2.x before 2.3.1 and all versions of 1.x when NGINX Instance Manager is in use can cause an increase in disk resource utilization.
Is there a fix available for CVE-2022-35241?
Yes, a fix is available. Please refer to the provided reference for more information.
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/title
- agent/tags
- agent/event
- agent/first-publish-date
- vendor/f5
- canonical/f5 nginx instance manager
- version/f5 nginx instance manager/1.0.0
- version/f5 nginx instance manager/1.0.4
- version/f5 nginx instance manager/2.0.0