No
Yes
30
If you are using Kong Rest API, it is better to check your system if any vulnerability exists.
Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway or API Middleware). Made available as an open-source project in 2015, its core values are high performance and extensibility.
The Kong API gateway administrator control interface has an unauthorized access vulnerability. An attacker can directly control the API gateway and make it an open traffic proxy through the Kong API gateway administrator control interface to access internal sensitive services.
Affected versions:
Update your Kong Rest API to the latest version to eliminate this vulnerability.