Skip to content
Nuclei Templates

Kong Admin <=2.03 - Admin API Access

ID: CVE-2020-11710

Severity: critical

Author: pikpikcu

Tags: cve,cve2020,kong,konghq

Description

Section titled “Description”

Kong Admin through 2.0.3 contains an issue via docker-kong which makes the admin API port accessible on interfaces other than 127.0.0.1.

YAML Source

Section titled “YAML Source”
id: CVE-2020-11710


info:
  name: Kong Admin <=2.03 - Admin API Access
  author: pikpikcu
  severity: critical
  description: Kong Admin through 2.0.3 contains an issue via docker-kong which makes the admin API port accessible on interfaces other than 127.0.0.1.
  impact: |
    Remote attackers can gain unauthorized administrative access to the Kong Admin API.
  remediation: |
    Upgrade to Kong version 2.0.3 or later to fix the vulnerability and ensure proper authentication and access control mechanisms are in place.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2020-11710
    - https://github.com/Kong/kong
    - https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611
    - https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c
    - https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-11710
    epss-score: 0.02642
    epss-percentile: 0.90121
    cpe: cpe:2.3:a:konghq:docker-kong:*:*:*:*:*:kong:*:*
  metadata:
    max-request: 1
    vendor: konghq
    product: docker-kong
    framework: kong
    shodan-query: cpe:"cpe:2.3:a:konghq:docker-kong"
  tags: cve,cve2020,kong,konghq


http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/admin/"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Welcome to kong'
          - 'configuration'
          - 'kong_env'
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a0047304502206c2235a275ff8ffab4fbce87f8e5a2ec23e04ded1dd4b6ae555c0c03c1b87d37022100e48ec9efc3f0a23d9f5f31961475485c413395163e08cb105bde02cdf31f538a:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-11710.yaml"

View on Github