
7 matches found

Github Security Blog
added 2022/05/13 1:25 a.m. | 38 views

Improper Authentication in Apache Kafka

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

CVSS 6.8 | AI score 4.5 | EPSS 0.02985
Exploits: 0 | References: 8 | Affected Software: 1

RedhatCVE
added 2018/08/02 2:49 a.m. | 29 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

CVSS 6.8 | AI score 4.3 | EPSS 0.02985
Exploits: 0 | References: 2

Veracode
added 2018/07/27 3:15 a.m. | 28 views

User Impersonation

kafka-clients is vulnerable to user impersonation attacks. The vulnerability exists due to the lack of authentication checks in the SASL/PLAIN and SASL/SCRAM authentication methods using the built-in PLAIN or SCRAM server implementation in kafka-clients...

CVSS 6.8 | AI score 7.2 | EPSS 0.02985
Exploits: 0 | References: 13 | Affected Software: 1

NVD
added 2018/07/26 2:29 p.m. | 28 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

CVSS 6.8 | AI score 7.2 | EPSS 0.02985
Exploits: 0 | References: 6

OSV
added 2018/07/26 2:29 p.m. | 25 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

CVSS 6.8 | AI score 6.7
Exploits: 0 | References: 6

Prion
added 2018/07/26 2:29 p.m. | 21 views

Authentication flaw

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

CVSS 4.9 | AI score 6.7 | EPSS 0.02985
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2018/07/26 2:0 p.m. | 30 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

AI score 6.8 | EPSS 0.02985
Exploits: 0 | References: 6