Kestrel
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c32cc0a74557ba204557ba204557ba204557ba20
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /SearchByExpression/{expression}/{term}
GET /SearchInConcept/{conceptId}/{term}
Open service 20.40.202.29:443 ยท ichtyssnowmed.alpha-cr.com
2026-01-23 09:14
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 09:15:00 GMT Server: Kestrel Request-Context: appId=cid-v1:4e45ef04-e9e0-4ed7-b29f-4853b7571694