Executive Summary

Informations
Name CVE-2024-36543 First vendor Publication 2024-06-17
Vendor Cve Last vendor Modification 2024-07-03

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially steal Kafka SASL credentials, by querying the MirrorMaker Kafka REST API.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36543

Sources (Detail)

http://strimzi.com
https://github.com/almounah/vulnerability-research/tree/main/CVE-2024-36543
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2024-07-03 09:27:28
  • Multiple Updates
2024-06-20 17:27:38
  • Multiple Updates
2024-06-18 00:27:23
  • First insertion