Description

Apache Kafka is an open-source distributed event streaming platform used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.

Apache Kafka is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Apache Kafka service publicly accessible.

Remediation

It's recommended to restrict access to this service in production systems.

References

Kafka Security

Related Vulnerabilities

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)

Oracle Business Intelligence Adfresource Path traversal CVE-2019-2588

Permissions-Policy header not implemented

Struts 2 Config Browser plugin enabled

WordPress Plugin LearnDash LMS Multiple Information Disclosure Vulnerabilities (4.10.2)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration