CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2020-11710
https://notcve.org/view.php?id=CVE-2020-11710
An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. β1) Inaccurate Bug Scope - The issue scope was on Kong's docker-compose template, and not Kong's docker image itself. In reality, this issue is not associated with any version of the Kong gateway. As such, the description stating βAn issue was discovered in docker-kong (for Kong) through 2.0.3.β is incorrect. • https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611 https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949 https://github.com/Kong/kong •