Strimzi Kafka Operator and MirrorMaker 2 All CAs from CA Chain Trusted Vulnerability
Vulnerability
A vulnerability in Strimzi Kafka Operator versions 0.47.0 prior to 0.50.1 causes Kafka Connect and Kafka MirrorMaker 2 to trust every certificate in a chain of CA certificates as an independent trust anchor when connecting to an Apache Kafka cluster. As a result, connections from Kafka brokers presenting server certificates signed by any CA in the chain, rather than just the last one, are accepted. The issue arises when a full CA chain, instead of a single CA certificate, is provided in the trusted certificates configuration.
Impact
Exploitation of this vulnerability could allow Kafka Connect or MirrorMaker 2 to establish connections to Kafka brokers whose server certificates should have been rejected, because a certificate signed by any CA in the supplied chain is accepted as valid. An attacker holding such a certificate could use it in a man-in-the-middle attack against the connection.
Remediation
Users can upgrade to Strimzi version 0.50.1 or 0.51.0. Instructions for upgrading are available in the Strimzi documentation.
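Independently of the upgrade, a defender can check the bundle that is about to be placed in a trusted certificates configuration for exactly the condition described above: a TLS client treats every certificate in its trust store as a separate anchor, so a root plus its intermediates means brokers signed by any of them are accepted. The following added example is not Strimzi code and makes no assumptions about Strimzi internals; it parses a PEM bundle with the Python standard library only, classifies each certificate as a self-signed root, an intermediate issued by another bundle member, or a certificate whose issuer is absent, and flags bundles that contain a chain. The sample certificates it builds (`fake_cert`, `ROOT_ONLY_BUNDLE`, `FULL_CHAIN_BUNDLE`) are constructed, unsigned structures for the demonstration and would fail any real signature verification.

```python
"""Lint a PEM bundle destined for a TLS trust store: report which entries
chain to other entries, so a reviewer sees when a whole CA chain, rather
than a single CA, is about to be trusted. Standard library only."""
import base64
import re

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def der_tlv(data, pos=0):
    """Decode one DER tag-length-value at pos; return (tag, value, end_pos)."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:                          # long-form length
        n = length & 0x7F
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    return tag, data[pos:pos + length], pos + length


def der_children(value):
    """Split a constructed DER value into its raw child TLVs (headers kept)."""
    children, pos = [], 0
    while pos < len(value):
        _, _, end = der_tlv(value, pos)
        children.append(value[pos:end])
        pos = end
    return children


def cert_names(der):
    """Return (issuer, subject) as raw DER Name encodings of an X.509 cert.
    DER is canonical, so byte equality of two Names is a sound comparison."""
    _, cert, _ = der_tlv(der)                  # Certificate ::= SEQUENCE
    _, tbs, _ = der_tlv(cert)                  # tbsCertificate ::= SEQUENCE
    fields = der_children(tbs)
    if fields[0][0] == 0xA0:                   # optional [0] EXPLICIT version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    return fields[2], fields[4]


def pem_to_ders(pem):
    """Extract every CERTIFICATE block from a PEM bundle as DER bytes."""
    return [base64.b64decode("".join(body.split())) for body in PEM_RE.findall(pem)]


def lint_trust_bundle(pem):
    """Classify each certificate: 'root' (self-signed), 'intermediate' (issued
    by another bundle member) or 'issued-elsewhere' (issuer not in bundle).
    Every one of them becomes a trust anchor when the bundle is installed."""
    names = [cert_names(d) for d in pem_to_ders(pem)]
    subjects = {subject for _, subject in names}
    report = []
    for index, (issuer, subject) in enumerate(names):
        if issuer == subject:
            report.append((index, "root"))
        elif issuer in subjects:
            report.append((index, "intermediate"))
        else:
            report.append((index, "issued-elsewhere"))
    return report


def bundle_is_chain(pem):
    """True when the bundle holds a CA chain rather than independent CAs."""
    return any(status == "intermediate" for _, status in lint_trust_bundle(pem))


# --- constructed sample data: structurally valid but UNSIGNED certificates ---
def der_encode(tag, value):
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def x509_name(common_name):
    """Name ::= SEQUENCE OF SET OF {OID commonName (2.5.4.3), UTF8String}."""
    atv = der_encode(0x30, der_encode(0x06, b"\x55\x04\x03")
                     + der_encode(0x0C, common_name.encode()))
    return der_encode(0x30, der_encode(0x31, atv))


def fake_cert(subject_cn, issuer_cn):
    """PEM certificate with the given names; the signature is a placeholder."""
    sha256_rsa = der_encode(0x30, der_encode(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"))
    validity = der_encode(0x30, der_encode(0x17, b"240101000000Z")
                          + der_encode(0x17, b"340101000000Z"))
    tbs = der_encode(0x30, der_encode(0xA0, der_encode(0x02, b"\x02"))     # v3
                     + der_encode(0x02, b"\x01") + sha256_rsa                  # serial, sigalg
                     + x509_name(issuer_cn) + validity + x509_name(subject_cn)
                     + der_encode(0x30, b""))                                  # empty SPKI
    cert = der_encode(0x30, tbs + sha256_rsa + der_encode(0x03, b"\x00"))
    return ("-----BEGIN CERTIFICATE-----\n" + base64.b64encode(cert).decode()
            + "\n-----END CERTIFICATE-----\n")


ROOT_ONLY_BUNDLE = fake_cert("Kafka Root CA", "Kafka Root CA")
FULL_CHAIN_BUNDLE = ROOT_ONLY_BUNDLE + fake_cert("Kafka Intermediate CA", "Kafka Root CA")

if __name__ == "__main__":
    for label, bundle in (("root only", ROOT_ONLY_BUNDLE), ("full chain", FULL_CHAIN_BUNDLE)):
        print(label, lint_trust_bundle(bundle), "chain:", bundle_is_chain(bundle))
```

Run against a real bundle by reading the PEM file into `lint_trust_bundle`; a result containing any `intermediate` entry means a chain was supplied and every member of it will be trusted. Since `cert_names` compares raw DER Name bytes, the check does not depend on any particular name attribute ordering or string type.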