Swagger Exposure

Swagger is an implementation of the OpenAPI specification that helps developers build client libraries.

Impact

OpenAPI, defined by Swagger definitions, services provide alternative, and sometimes low-level, ways to access the application and therefore need to be fully inspected for vulnerabilities.

Solution

If the services are not in use ensure that they are removed or only available to authorised personnel.