CVE-2018-1288 vulnerability in Apache and Other Products
Published on July 26, 2018

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.

Vendor Advisory NVD

Products Associated with CVE-2018-1288

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1288 are published in these products:

Apache Kafka

Red Hat Jboss Middleware Text Only Advisories

Oracle Database Server

Oracle Primavera P6 Enterprise Project Portfolio Management

Oracle Timesten In Memory Database

Affected Versions

Apache Software Foundation Apache Kafka:

Version 0.9.0.0 to 0.9.0.1 is affected.
Version 0.10.0.0 to 0.10.2.1 is affected.
Version 0.11.0.0 to 0.11.0.2 is affected.
Version 1.0.0 is affected.

Exploit Probability

EPSS

0.69%

Percentile

71.49%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1288 vulnerability in Apache and Other ProductsPublished on July 26, 2018

Products Associated with CVE-2018-1288

Affected Versions

Exploit Probability

CVE-2018-1288 vulnerability in Apache and Other Products
Published on July 26, 2018