4 matches found
IBM DB2 Recovery Expert 安全漏洞
IBM DB2 Recovery Expert is a database recovery tool developed by IBM. The version IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 contains a security vulnerability. This vulnerability arises from the transmission of data through plaintext communication channels, which may allow attackers to...
kafka: Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption
A flaw was found in Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism SCRAM, which did not fully adhere to the requirements of RFC 5802. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the...
kafka: Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption
A flaw was found in Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism SCRAM, which did not fully adhere to the requirements of RFC 5802. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the...
kafka: Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption
A flaw was found in Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism SCRAM, which did not fully adhere to the requirements of RFC 5802. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the...