CVE-2018-1288

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1288
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1288.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1288
Aliases
Related
Withdrawn
2024-05-08T06:50:00.392671Z
Published
2018-07-26T14:29:00Z
Modified
2023-11-07T02:55:55Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
Summary
[none]
Details

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.

References

Affected packages

Git / github.com/apache/kafka