MCP Server Unauthenticated Access

info Web App Scanning Plugin ID 114791

Synopsis

MCP Server Unauthenticated Access

Description

This is an informational notice that the scanner was able to detect a Model Context Protocol (MCP) server available without authentication on the target server. When available, the plugin provides the list of tools, prompts and resources in the attachments.

Solution

Ensure that unauthenticated access to this MCP server is expected and does not expose sensitive information.

See Also

https://modelcontextprotocol.io

Plugin Details

Severity: Info

ID: 114791

Type: remote

Published: 6/11/2025

Updated: 6/11/2025

Scan Template: basic, full, pci, scan