Kafka Connect REST API Vulnerability Allows Denial of Service and Data Theft
CVE-2024-36543

Currently unrated

Key Information:

Vendor: STRIMZI
Vendor: CVE Published:; 17 June 2024

What is CVE-2024-36543?

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially steal Kafka SASL credentials, by querying the MirrorMaker Kafka REST API.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://strimzi.com

https://github.com/almounah/vulnerability-research/tree/m...

Timeline

Vulnerability published
Jun 17, 2024
Vulnerability Reserved
May 30, 2024

JSON

STRIMZI

What is CVE-2024-36543?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.