Vulnerability Details CVE-2022-30535
In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.5%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2022-30535
-
cpe:2.3:a:f5:nginx_ingress_controller:1.0.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.1.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.1.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.10.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.10.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.11.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.11.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.11.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.11.3
-
cpe:2.3:a:f5:nginx_ingress_controller:1.12.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.12.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.12.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.12.3
-
cpe:2.3:a:f5:nginx_ingress_controller:1.12.4
-
cpe:2.3:a:f5:nginx_ingress_controller:1.2.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.3.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.3.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.3.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.3
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.4
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.5
-
cpe:2.3:a:f5:nginx_ingress_controller:1.4.6
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.3
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.4
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.5
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.6
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.7
-
cpe:2.3:a:f5:nginx_ingress_controller:1.5.8
-
cpe:2.3:a:f5:nginx_ingress_controller:1.6.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.6.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.6.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.6.3
-
cpe:2.3:a:f5:nginx_ingress_controller:1.7.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.7.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.7.2
-
cpe:2.3:a:f5:nginx_ingress_controller:1.8.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.8.1
-
cpe:2.3:a:f5:nginx_ingress_controller:1.9.0
-
cpe:2.3:a:f5:nginx_ingress_controller:1.9.1
-
cpe:2.3:a:f5:nginx_ingress_controller:2.0.0
-
cpe:2.3:a:f5:nginx_ingress_controller:2.0.1
-
cpe:2.3:a:f5:nginx_ingress_controller:2.0.2
-
cpe:2.3:a:f5:nginx_ingress_controller:2.0.3
-
cpe:2.3:a:f5:nginx_ingress_controller:2.1.0
-
cpe:2.3:a:f5:nginx_ingress_controller:2.1.1
-
cpe:2.3:a:f5:nginx_ingress_controller:2.1.2
-
cpe:2.3:a:f5:nginx_ingress_controller:2.2.0