CVE-2025-27819

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-27819

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-27819.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-27819

Aliases

Published

2025-06-10T08:15:22.687Z

Modified

2025-11-19T17:34:04.300823Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.

Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in in Apache Kafka 3.9.1/4.0.0

References

https://kafka.apache.org/cve-list

Affected packages

Git / github.com/apache/kafka

Affected ranges

Type: GIT
Repo: https://github.com/apache/kafka
Events: Introduced

3402a8361b7347326b8a9fdb22300986fbbf9cd0

Last affected

b66af662e61082cb8def576ded1fe5cee37e155f

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-27819.json"