CVE-2025-27818

Severity: 8.8 HIGH
EPSS: 0.5% (top 33.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 10

Description

A possible security vulnerability has been identified in Apache Kafka. This requires access to an alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Connect REST API

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (5 packages)

Source     | Package                                          | Introduced | Fixed (or last affected)
NVD        | apache/kafka                                     | 2.3.0      | 3.9.1
Maven      | org.apache.kafka:kafka_2.12                      | 2.3.0      | 3.9.1
Maven      | org.apache.kafka:kafka_2.13                      | 2.4.0      | 3.9.1
Maven      | org.apache.kafka:kafka_2.11                      | 2.3.0      | 2.4.1
CVEList V5 | apache_software_foundation/apache_kafka          | 2.3.0      | 3.9.0

🔴 Vulnerability Details (3)

OSV: Apache Kafka Deserialization of Untrusted Data vulnerability (2025-06-10)
CVEList: Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration (2025-06-10)
GHSA: Apache Kafka Deserialization of Untrusted Data vulnerability (2025-06-10)

📋 Vendor Advisories (1)

Red Hat: apache-kafka: Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration (2025-06-10)

CVE-2025-27818 (HIGH CVSS 8.8) | cvebase.io