Kong Admin Rest API Unauthorized Vulnerability CVE-2020-11710 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

Kong Admin Rest API Unauthorized Vulnerability CVE-2020-11710 Scanner Detail

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway or API Middleware).

Made available as an open-source project in 2015, its core values are high performance and extensibility.

The Kong API gateway administrator control interface has an unauthorized access vulnerability. An attacker can directly control the API gateway and make it an open traffic proxy through the Kong API gateway administrator control interface to access internal sensitive services.

Affected versions:

  • Kong version 2.0.2 and below

Some Advice for Common Problems

Update your Kong Rest API to the latest version to eliminate this vulnerability.

Community Discussions

Login to join discussion

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service