12-07-2021 06:27 AM
We just had a security audit and their scanner detected a vulnerability in all our SX10 and SX20s called nginx <= 1.21.1 Information Disclosure Vulnerability with CVE-2013-0337. I am on the newest firmware and opened a ticket with tac but they said the scanner is wrong basically. Anyone have some ideas?
01-04-2022 12:46 PM
I actually have 5 separate nginx vulnerabilities on our SX10s and SX80s. I haven't entered a TAC case yet.
-nginx Data Disclosure Vulnerability (CVE-2017-7529)
-nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities (CVE-2018-16843, 16844, 16845)
-nginx < 1.17.7 Information Disclosure (CVE-2019-20372)
-nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE (CVE-2021-23017)
-nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability (CVE-2016-4450)
03-24-2022 07:33 AM
I have nginx vulnerabilities on our SX20s. I haven't opened a TAC case yet. Before ı want to ask you. Did you learn anything about this topic?
-nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE (CVE-2021-23017)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide