Veracode Vulnerability Database: VERACODE:40633
May 22, 2023 - 1:41 p.m.

Remote Code Execution (RCE)

Source: sca.analysiscenter.veracode.com
Tags: kafka, remote code execution, vulnerability, sasl configurations, deserialization gadget chain, ldap server

EPSS: 0.965
Percentile: 99.6%

Kafka clients are vulnerable to Remote Code Execution. The vulnerability is due to a lack of restrictions on the sasl.jaas.config authentication property, which allows an authenticated attacker to submit arbitrary SASL configurations. An attacker can inject a deserialization gadget chain into the configuration when suitable gadgets are available on the classpath, resulting in arbitrary code execution when a client connects to the attacker-controlled LDAP server.