CVE-2020-11710 : What You Need to Know

Learn about CVE-2020-11710, a disputed vulnerability in docker-kong (for Kong) up to version 2.0.3. Understand the impact, affected systems, exploitation, and mitigation steps.

An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. The vendor disputes this CVE, claiming inaccuracies in bug scope and patch links.

Understanding CVE-2020-11710

What is CVE-2020-11710?

CVE-2020-11710 refers to a potential vulnerability in docker-kong (for Kong) versions up to 2.0.3, where the admin API port could be reachable on interfaces beyond 127.0.0.1.

The Impact of CVE-2020-11710

The disputed nature of this CVE raises questions about the actual vulnerability and its implications for affected systems.

Technical Details of CVE-2020-11710

Vulnerability Description

In docker-kong, the admin API port may be accessible on network interfaces other than 127.0.0.1.

Affected Systems and Versions

        Product: n/a
        Vendor: n/a
        Versions affected: up to 2.0.3

Exploitation Mechanism

If the admin API port is reachable on an interface other than 127.0.0.1, unauthorized users could potentially gain access to it.

Mitigation and Prevention

Immediate Steps to Take

        Ensure that the admin API port is only accessible on the intended interface (127.0.0.1).
        Follow security documentation when deploying Kong via docker-compose.
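
One way to check the first step against a docker-compose deployment is sketched below. This is an added example, not code from Kong or docker-kong. It assumes Kong's default admin ports (8001 and 8444) and the compose short port syntax, and the port entries in it are constructed sample data.

```python
import ipaddress
import re

# Kong's default admin API ports (HTTP 8001, HTTPS 8444). Assumption: the
# deployment has not moved them with a custom admin_listen setting.
ADMIN_PORTS = {8001, 8444}

# Constructed sample: "ports:" entries of a hypothetical compose service.
SAMPLE_PORTS = [
    "8000:8000/tcp",            # proxy port, meant to be public
    "8001:8001/tcp",            # no host IP: published on all interfaces
    "127.0.0.1:8444:8444/tcp",  # loopback only
    "[::1]:8001:8001",          # IPv6 loopback only
    "0.0.0.0:8444:8444",        # explicitly all interfaces
]

# Compose short syntax: [HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTOCOL]
_SPEC = re.compile(
    r"^(?:(?P<ip>\[[0-9A-Fa-f:.]+\]|\d{1,3}(?:\.\d{1,3}){3}):)?"
    r"(?:(?P<host>\d*):)?(?P<container>\d+)(?:/(?P<proto>tcp|udp))?$"
)


def exposed_admin_bindings(port_specs):
    """Return specs that publish an admin port on a non-loopback address."""
    findings = []
    for spec in port_specs:
        m = _SPEC.match(spec.strip())
        if m is None:
            findings.append(spec)  # unparseable entries need manual review
            continue
        if int(m["container"]) not in ADMIN_PORTS:
            continue
        # By default Docker binds to every interface when no host IP is given.
        ip_text = (m["ip"] or "0.0.0.0").strip("[]")
        try:
            loopback = ipaddress.ip_address(ip_text).is_loopback
        except ValueError:
            loopback = False  # malformed address: treat as exposed
        if not loopback:
            findings.append(spec)
    return findings


if __name__ == "__main__":
    for spec in exposed_admin_bindings(SAMPLE_PORTS):
        print(f"admin API published beyond loopback: {spec}")
```

Entries the parser cannot read, such as port ranges, are returned as findings so they get a manual look rather than being silently passed.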

Long-Term Security Practices

        Regularly review and update security configurations.
        Implement network layer access restrictions to protect sensitive APIs.

Patching and Updates

Refer to the correct documentation for instructions on securing the admin API port.
