ID

VAR-202004-0227


CVE

CVE-2020-11710


TITLE

docker-kong Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003939

DESCRIPTION

An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argues that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1) Inaccurate Bug Scope - The issue scope was on Kong's docker-compose template, and not Kong's docker image itself. In reality, this issue is not associated with any version of the Kong gateway. As such, the description stating ‘An issue was discovered in docker-kong (for Kong) through 2.0.3.’ is incorrect. This issue only occurs if a user decided to spin up Kong via docker-compose without following the security documentation. The docker-compose template is meant for users to quickly get started with Kong, and is meant for development purposes only. 2) Incorrect Patch Links - The CVE currently points to a documentation improvement as a “Patch” link: https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611. This link actually points to an improvement Kong Inc made for fool-proofing. However, instructions for how to protect the admin API were already well-documented here: https://docs.konghq.com/2.0.x/secure-admin-api/#network-layer-access-restrictions, which was first published back in 2017 (as shown in this commit: https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949). Lastly, the hyperlink to https://github.com/Kong/kong (an unrelated Github Repo to this issue) on the Hyperlink list does not include any meaningful information on this topic.”

docker-kong (for Kong) contains an unspecified vulnerability. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS).

docker-kong is an API gateway product used with the Docker application container engine.

Trust: 2.25

sources: NVD: CVE-2020-11710 // JVNDB: JVNDB-2020-003939 // CNVD: CNVD-2020-24138 // VULMON: CVE-2020-11710

IOT TAXONOMY

category: ['Network device']; sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-24138

AFFECTED PRODUCTS

vendor: konghq; model: docker-kong; scope: lte; version: 2.0.3

Trust: 1.0

vendor: kong; model: docker-kong; scope: eq; version: 2.0.3

Trust: 0.8

vendor: docker kong; model: docker-kong; scope: lte; version: <=2.0.3

Trust: 0.6

sources: CNVD: CNVD-2020-24138 // JVNDB: JVNDB-2020-003939 // NVD: CVE-2020-11710

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-11710
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-003939
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2020-24138
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202004-611
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-11710
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-11710
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-003939
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-24138
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-11710
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003939
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-24138 // VULMON: CVE-2020-11710 // JVNDB: JVNDB-2020-003939 // CNNVD: CNNVD-202004-611 // NVD: CVE-2020-11710

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

problemtype: CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2020-003939 // NVD: CVE-2020-11710

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-611

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-611

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-003939

PATCH

title: chore(admin) restrict the admin port to 127 (#350)
url: https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c

Trust: 0.8

title: fix(admin) bind the kong admin api port to 127 (#1869)
url: https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611

Trust: 0.8

title: Patch for Unknown vulnerability exists in docker-kong
url: https://www.cnvd.org.cn/patchInfo/show/214983

Trust: 0.6

title: docker-kong Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113649

Trust: 0.6

title: kong-pwn
url: https://github.com/RandomRobbieBF/kong-pwn

Trust: 0.1

title: https://github.com/1135/Kong_exploit
url: https://github.com/1135/Kong_exploit

Trust: 0.1

sources: CNVD: CNVD-2020-24138 // VULMON: CVE-2020-11710 // JVNDB: JVNDB-2020-003939 // CNNVD: CNNVD-202004-611

EXTERNAL IDS

db: NVD; id: CVE-2020-11710

Trust: 3.1

db: JVNDB; id: JVNDB-2020-003939

Trust: 0.8

db: CNVD; id: CNVD-2020-24138

Trust: 0.6

db: NSFOCUS; id: 46438

Trust: 0.6

db: CNNVD; id: CNNVD-202004-611

Trust: 0.6

db: VULMON; id: CVE-2020-11710

Trust: 0.1

sources: CNVD: CNVD-2020-24138 // VULMON: CVE-2020-11710 // JVNDB: JVNDB-2020-003939 // CNNVD: CNNVD-202004-611 // NVD: CVE-2020-11710

REFERENCES

url: https://nvd.nist.gov/vuln/detail/cve-2020-11710

Trust: 2.0

url: https://github.com/kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c

Trust: 1.6

url: https://github.com/kong/kong

Trust: 1.6

url: https://github.com/kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949

Trust: 1.6

url: https://github.com/kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611

Trust: 1.6

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-11710

Trust: 0.8

url: http://www.nsfocus.net/vulndb/46438

Trust: 0.6

sources: CNVD: CNVD-2020-24138 // JVNDB: JVNDB-2020-003939 // CNNVD: CNNVD-202004-611 // NVD: CVE-2020-11710

SOURCES

db: CNVD; id: CNVD-2020-24138
db: VULMON; id: CVE-2020-11710
db: JVNDB; id: JVNDB-2020-003939
db: CNNVD; id: CNNVD-202004-611
db: NVD; id: CVE-2020-11710

LAST UPDATE DATE

2024-11-23T23:11:28.358000+00:00


SOURCES UPDATE DATE

db: CNVD; id: CNVD-2020-24138; date: 2020-04-23T00:00:00
db: VULMON; id: CVE-2020-11710; date: 2023-11-07T00:00:00
db: JVNDB; id: JVNDB-2020-003939; date: 2020-04-30T00:00:00
db: CNNVD; id: CNNVD-202004-611; date: 2020-05-29T00:00:00
db: NVD; id: CVE-2020-11710; date: 2024-11-21T04:58:27.307

SOURCES RELEASE DATE

db: CNVD; id: CNVD-2020-24138; date: 2020-04-23T00:00:00
db: VULMON; id: CVE-2020-11710; date: 2020-04-12T00:00:00
db: JVNDB; id: JVNDB-2020-003939; date: 2020-04-30T00:00:00
db: CNNVD; id: CNNVD-202004-611; date: 2020-04-12T00:00:00
db: NVD; id: CVE-2020-11710; date: 2020-04-12T17:15:10.737