In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-07-26T14:00:00Z

Updated: 2024-09-17T01:10:36.261Z

Reserved: 2017-08-07T00:00:00

Link: CVE-2017-12610

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-26T14:29:00.327

Modified: 2024-11-21T03:09:53.320

Link: CVE-2017-12610

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-07-26T00:00:00Z

Links: CVE-2017-12610 - Bugzilla