High7.1F5
NGINX: NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sen…
CVE-2023-28724 Published May 3, 2023Updated by vendor Jun 17, 2026
CVE-2023-28724
Affected products & platforms
F5NGINX
Summary
NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · medium-confidence parse· fetched 4 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.