来源:Apache Kafka官网
发布日期:2019-07-10
阅读次数:947
评论:0
更新标题
Authenticated clients with Write permission may bypass transaction/idempotent ACL validation
更新详情
In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually
craft a Produce request which bypasses transaction/idempotent ACL validation.
Only authenticated clients with Write permission on the respective topics are
able to exploit this vulnerability. Users should upgrade to 2.1.1 or later
where this vulnerability has been fixed.
软件描述
Apache Kafka是一个分布式发布 - 订阅消息系统和一个强大的队列,可以处理大量的数据,并使你能够将消息从一个端点传递到另一个端点。 Kafka适合离线和在线消息消费。 Kafka消息保留在磁盘上,并在群集内复制以防止数据丢失。 Kafka构建在ZooKeeper同步服务之上。 它与Apache Storm和Spark非常好地集成,用于实时流式数据分析。
评论