Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.2.0 allows unauthenticated users access to authenticated routes without a valid token JWT.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kong Gateway 访问控制错误漏洞
Vulnerability Description
Kong Gateway是意大利 (Kong)公司的一个API网关。提供一个网间连接器。 Kong Gateway prior to 2.3.0.0 中的 JWT 插件存在访问控制错误漏洞,该漏洞允许未经身份验证的用户在没有有效令牌的情况下访问经过身份验证的路由。
CVSS Information
N/A
Vulnerability Type
N/A