Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2024/06/19 3:34 a.m.6 views

SUSE CVE-2024-36543

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector bypassing Kafka ACL if it exists, and potentially stea...

9.8CVSS6.8AI score0.00524EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:18 p.m.40 views

Security Bulletin: Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2019-12399)

Summary Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure . IBM has addressed the relevant vulnerability. Vulnerability Details CVEID:CVE-2019-12399 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a flaw in the Conne...

7.5CVSS7.2AI score0.03915EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/03/23 1:20 p.m.118 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 1.4.0 release and security update

Red Hat AMQ Streams 1.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.2AI score0.13474EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2020/03/23 1:20 p.m.30 views

kafka: Connect REST API exposes plaintext secrets in tasks endpoint

When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value,...

7.5CVSS7.4AI score0.03915EPSS
Exploits0References4
Rows per page
Query Builder