etcd Unauthenticated HTTP API Leak Vulnerability Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

5

etcd Unauthenticated HTTP API Leak Vulnerability Scanner Detail

An attacker could access sensitive informations using this vulnerability.

The etcd HTTP API is accessible without authentication. This can result in keys being exposed which may contain sensitive information. It will also allow a user to change and delete keys without authentication. As a result, a remote attacker can not only discern sensitive information such as usernames and passwords, but also change or delete that data.

Some Advice for Common Problems

If you have an API that doesn't have any authentication mechanism, set an authentication mechanism immediately.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service