Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:apache:kafka:0.10.0.0:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1288 |
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. Published: July 26, 2018; 10:29:00 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2017-12610 |
In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. Published: July 26, 2018; 10:29:00 AM -0400 |
V4.0:(not available) V3.0: 6.8 MEDIUM V2.0: 4.9 MEDIUM |