
Vulnerability Details: CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.9
Products affected by CVE-2017-12610
  • Apache » Kafka » Version: 0.10.0.0
    cpe:2.3:a:apache:kafka:0.10.0.0
  • Apache » Kafka » Version: 0.10.0.1
    cpe:2.3:a:apache:kafka:0.10.0.1
  • Apache » Kafka » Version: 0.10.1.0
    cpe:2.3:a:apache:kafka:0.10.1.0
  • Apache » Kafka » Version: 0.10.1.1
    cpe:2.3:a:apache:kafka:0.10.1.1
  • Apache » Kafka » Version: 0.10.2.0
    cpe:2.3:a:apache:kafka:0.10.2.0
  • Apache » Kafka » Version: 0.10.2.1
    cpe:2.3:a:apache:kafka:0.10.2.1
  • Apache » Kafka » Version: 0.11.0.0
    cpe:2.3:a:apache:kafka:0.11.0.0
  • Apache » Kafka » Version: 0.11.0.1
    cpe:2.3:a:apache:kafka:0.11.0.1

