2 matches found
Security Bulletin: Apache Kafka Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator (CVE-2017-12610, CVE-2018-1288)
Summary BM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2017-12610 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions. By using a manually specially crafted protocol message with SASL/PLAIN ...
CVE-2017-12610
CVE-2017-12610 affects Apache Kafka versions 0.10.0.0–0.10.2.1 and 0.11.0.0–0.11.0.1. The issue allows an authenticated Kafka client to impersonate other users by sending a manually crafted protocol message when SASL/PLAIN or SASL/SCRAM is used against the built-in servers. The vulnerability can ...