etcd Unauthenticated HTTP API Leak Vulnerability Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


etcd Unauthenticated HTTP API Leak Vulnerability Scanner Detail

An attacker could access sensitive informations using this vulnerability.

The etcd HTTP API is accessible without authentication. This can result in keys being exposed which may contain sensitive information. It will also allow a user to change and delete keys without authentication. As a result, a remote attacker can not only discern sensitive information such as usernames and passwords, but also change or delete that data.

Some Advice for Common Problems

If you have an API that doesn't have any authentication mechanism, set an authentication mechanism immediately.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service