Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheKafka*

3 matches found

CVE
CVEadded 2024/12/18 2:15 p.m.478 views

CVE-2024-56128

Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary:Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1].Specifically, as per RFC 5802, the serv...

5.3CVSS6.8AI score0.00266EPSS
CVE
CVEadded 2024/11/19 9:15 a.m.340 views

CVE-2024-31141

Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provi...

6.5CVSS6.1AI score0.00175EPSS
CVE
CVEadded 2024/04/12 7:15 a.m.246 views

CVE-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: The administrator decides to remove an ACL The resource associated with the removed ACL continues to have two or mor...

7.4CVSS6.9AI score0.00162EPSS