Kafka UI, a popular open-source web application for managing Apache Kafka clusters, was found to contain multiple Remote Code Execution (RCE) vulnerabilities, stemming from its lack of authentication and the several attack surfaces it exposes. The vulnerabilities, present in versions prior to 0.7.2, can be exploited through Groovy script execution, JMX connector misconfiguration, and the JndiLoginModule. Users are advised to upgrade to version 0.7.2, which contains the security fixes, and to apply additional precautions such as serialization filters to reduce the risk.
Table of contents

CVE-2023-52251: RCE via Groovy script execution
CVE-2024-32030: RCE via JMX connector
CVE-2023-25194: RCE via JndiLoginModule
Final thoughts