Sensitive Data: Apache Kafka Center Default Login¶

Identifier: kafka_center_default_login

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Apache Kafka Center management interface may be accessible with default admin credentials, allowing unauthorized access to Kafka cluster configuration, topic management, and administrative functions.

How we test: We attempt to authenticate to the Apache Kafka Center interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Reference:

https://developer.ibm.com/tutorials/kafka-authn-authz/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  kafka_center_default_login:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.