Description
Kentico is an ASP.NET web content management system. The Staging API is used to replicate data between production and development systems.
Kentico Staging API contains an authentication bypass vulnerability that allows
unauthenticated remote attackers to access sensitive functionality, potentially leading to complete server compromise.
Remediation
Upgrade to the latest version of Kentico
References
Related Vulnerabilities
Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)
Collabtive Improper Input Validation Vulnerability (CVE-2012-2670)
PHP Improper Input Validation Vulnerability (CVE-2016-4071)
Play Framework Out-of-bounds Write Vulnerability (CVE-2020-27196)
Deprecated Header Instruction Used to Implement Content Security Policy (CSP)