Exposure of Administrator Password in NGINX Controller Support Package

Exposure of Administrator Password in NGINX Controller Support Package

CVE-2021-23019 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package.

Learn more about our Cis Benchmark Audit For Nginx.