CVE-2023-25194HIGHCVSS 8.8ExploitedPoC≥ 2.3.0, < 3.4.02023-02-07
CVE-2023-25194 [HIGH] CWE-502 Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect
Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect
A possible security vulnerability has been identified in Apache Kafka Connect API.
This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client S
cvelistv5