Description

Apache Kafka is an open-source distributed event streaming platform used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.

Apache Kafka is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Apache Kafka service publicly accessible.

Remediation

It's recommended to restrict access to this service in production systems.

References

Kafka Security

Related Vulnerabilities

WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10152)

Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)

Node.js Running in Development Mode

WebPageTest Unauthorized Access Vulnerability

Unicode Transformation (Best-Fit Mapping)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N

Tags

Configuration