Affordable, manageable, understandable solution for cyber security. Get early access for Product X !
Details
Stay Up To Date
Need Membership

No

API Support

Yes

Estimate Time (Second)

30

Kong Admin Rest API Unauthorized Vulnerability (CVE-2020-11710) Scanner Detail

If you are using Kong Rest API, it is better to check your system if any vulnerability exists.

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway or API Middleware). Made available as an open-source project in 2015, its core values are high performance and extensibility.

The Kong API gateway administrator control interface has an unauthorized access vulnerability. An attacker can directly control the API gateway and make it an open traffic proxy through the Kong API gateway administrator control interface to access internal sensitive services.

Affected versions:

  • Kong version 2.0.2 and below

Some Advice for Common Problems

Update your Kong Rest API to the latest version to eliminate this vulnerability.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service